CVE-2008-1703 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Adapter Files Z OS

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

9.3CRITICALNVD

CISA7.8

EPSS

11.6%

top 6.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tibco Adapter Files Z OS Tibco Hawk Tibco Rendezvous +5 more

Timeline

PublishedApr 11

Latest updateMay 1

Description

Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages8 packages

▶NVDtibco/rendezvous8.10

▶NVDtibco/rendezvous_tx2.04

▶NVDtibco/rendezvous_datasecurity2.1.6

▶NVDtibco/hawk4.8.0

▶NVDtibco/runtime_agent5.5.4

🔴Vulnerability Details

GHSA

GHSA-xcfq-6r83-fvm6: Multiple buffer overflows in TIBCO Software Rendezvous before 8↗2022-05-01

▶

CVEList

CVE-2008-1703: Multiple buffer overflows in TIBCO Software Rendezvous before 8↗2008-04-11

▶

📋Vendor Advisories

CISA

Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability↗2022-03-03

▶