Buffer Overflow Vulnerability in TIBCO Rendezvous and Related Products
CVE-2015-4555

Currently unrated

Key Information:

Vendor: Tibco
Status: Rendezvous; Rendezvous Network Server; Messaging Appliance; Substation Es
Vendor: CVE Published:; 30 August 2015

Summary

The vulnerability exists within the HTTP administrative interface of TIBCO Rendezvous and its associated components. Attackers can exploit this buffer overflow to trigger a denial of service or potentially execute arbitrary code by sending specially crafted requests. This issue affects multiple products in the TIBCO ecosystem, including Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad), emphasizing the need for prompt updates to mitigate associated risks.

References

http://www.securitytracker.com/id/1033677

vdb-entryx_refsource_SECTRACK

http://www.tibco.com/mk/advisory.jsp

x_refsource_CONFIRM

http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-...

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 30, 2015
Vulnerability Reserved
Jun 14, 2015