Multiple Vulnerabilities in TIBCO Spotfire Products Affecting Remote Code Execution
CVE-2015-4554

Currently unrated

Key Information:

Vendor: Tibco
Status: Spotfire Deployment Kit
Vendor: CVE Published:; 21 July 2015

Summary

Multiple vulnerabilities in TIBCO Spotfire Client and Web Player Client allow remote attackers to execute arbitrary code or access sensitive information through unknown vectors. Affected versions include Spotfire Analyst, Spotfire Automation Services, Spotfire Deployment Kit, Spotfire Professional, and various other Spotfire components across several version ranges. These vulnerabilities pose significant risks to users and necessitate immediate attention to update and secure affected products.

References

http://www.securitytracker.com/id/1033015

vdb-entryx_refsource_SECTRACK

http://www.tibco.com/mk/advisory.jsp

x_refsource_CONFIRM

http://www.tibco.com/assets/blt1fd126faba191a9f/2015-001-...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 21, 2015
Vulnerability Reserved
Jun 14, 2015