Buffer Overflow Vulnerability in TIBCO Software's Enterprise Message Service
CVE-2008-1704

Currently unrated

Key Information:

Vendor

Tibco
Status
Enterprise Message Service
Iprocess Engine
Vendor
CVE Published:
11 April 2008

What is CVE-2008-1704?

Multiple buffer overflow vulnerabilities exist in TIBCO Software's Enterprise Message Service (EMS) prior to version 4.4.3 and in iProcess Engine versions 10.6.0 to 10.6.1. These vulnerabilities can be exploited by remote attackers sending specially crafted messages to the EMS server, potentially allowing them to execute arbitrary code. Organizations using these affected versions should review their security practices and apply necessary patches to mitigate the risks associated with these vulnerabilities.

References

http://www.tibco.com/resources/mk/ems_security_advisory_2...
x_refsource_CONFIRM
http://www.securitytracker.com/id?1019826
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/41761
vdb-entryx_refsource_XF

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.