CVE-2006-2830 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Hawk

6 documents3 sources

Severity

7.8HIGHNVD

NVD7.5CNA7.5

EPSS

6.9%

top 8.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tibco Hawk Tibco Rendezvous Tibco Runtime Agent

Timeline

PublishedJun 5

Latest updateMay 1

Description

Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDtibco/runtime_agent5.3

▶NVDtibco/hawk4.6.1

▶NVDtibco/rendezvous4 versions+3

Patches

Patch: secunia.com ↗Patch: www.kb.cert.org ↗Patch: www.tibco.com ↗

🔴Vulnerability Details

GHSA

GHSA-9xq6-fxh4-22xf: Buffer overflow in TIBCO Rendezvous before 7↗2022-05-01

▶

GHSA

GHSA-x2mf-686w-vjjw: Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7↗2022-05-01

▶

CVEList

CVE-2007-4158: Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7↗2007-08-03

▶

CVEList

CVE-2006-2830: Buffer overflow in TIBCO Rendezvous before 7↗2006-06-05

▶