CVE-2007-5656 — Rtworks vulnerability

CWE-3993 documents3 sources

Severity

10.0CRITICALNVD

EPSS

12.5%

top 6.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tibco Rtworks Tibco Smartsockets Rtserver Tibco Enterprise Message Service

Timeline

PublishedJan 16

Latest updateMay 1

Description

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDtibco/enterprise_message_service6 versions+5

▶NVDtibco/smartsockets_rtserver6.8.0

▶NVDtibco/rtworks4.0.3

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-pp4m-55cm-6994: TIBCO SmartSockets RTserver 6↗2022-05-01

▶

CVEList

CVE-2007-5656: TIBCO SmartSockets RTserver 6↗2008-01-16

▶