CVE-2007-5658 Information

Description

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier RTworks before 4.0.4 and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638 http://secunia.com/advisories/28490 http://securitytracker.com/id?1019193 http://www.securityfocus.com/bid/27294 http://www.tibco.com/mk/advisory.jsp http://www.tibco.com/resources/mk/ems_security_advisory_20080115.txt http://www.tibco.com/resources/mk/smartsockets_security_advisory_20080115.txt http://www.tibco.com/resources/mk/sspfm_security_advisory_20080115.txt http://www.vupen.com/english/advisories/2008/0173 https://exchange.xforce.ibmcloud.com/vulnerabilities/39703