NVD

Id
48578  
Name
CVE-2009-1291  
Description
Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2009-04-30  
Modified Date
2009-05-14  
Seq
2009-1291  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
244980 48578 CVE-2009-1291 20090428 TIBCO SmartSockets Stack Buffer Overflow Vulnerability  View
244981 48578 CVE-2009-1291 1022129  View
244982 48578 CVE-2009-1291 http://www.harmonysecurity.com/blog/2009/04/tibco-smartsockets-stack-buffer.html  View
244983 48578 CVE-2009-1291 34754  View
244984 48578 CVE-2009-1291 http://www.tibco.com/multimedia/security_advisory_ems_tcm8-7558.txt  View
244985 48578 CVE-2009-1291 http://www.tibco.com/multimedia/security_advisory_rtworks_tcm8-7559.txt  View
244986 48578 CVE-2009-1291 http://www.tibco.com/multimedia/security_advisory_smartsockets_tcm8-7560.txt  View
244987 48578 CVE-2009-1291 http://www.tibco.com/services/support/advisories/default.jsp  View
244988 48578 CVE-2009-1291 http://www.tibco.com/services/support/advisories/smartsockets-sspfm-ems_advisory_20090428.jsp  View
244989 48578 CVE-2009-1291 ADV-2009-1198  View
244990 48578 CVE-2009-1291 smartsockets-udp-bo(50214)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
44933 JVNDB-2009-005940 TIBCO SmartSockets、SmartSockets 製品ファミリーおよび EMS におけるスタックベースのバッファオーバーフローの脆弱性 SmartSockets Server、RTworks Server、SmartSockets クライアントライブラリ、およびアドオン製品、RTworks ライブラリおよびコンポーネント、EMS Server、SmartMQ、iProcess Engine、ActiveMatrix 製品、および CA Enterprise Communicator で使用されている TIBCO SmartSockets、SmartSockets 製品ファミリー、Enterprise Message Service (EMS) には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2009-1291 38722 CVE-2009-1291 48578 10 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005940.html 2009-04-30 2012-12-20 View