Vulnerability Description
Multiple buffer overflows in TIBCO Software Enterprise Message Service (EMS) before 4.4.3, and iProcess Engine 10.6.0 through 10.6.1, allow remote attackers to execute arbitrary code via a crafted message to the EMS server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tibco | Enterprise Message Service | <= 4.4.2 |
| Tibco | Iprocess Engine | 10.6.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/29775Vendor Advisory
- http://www.securityfocus.com/bid/28717
- http://www.securitytracker.com/id?1019826
- http://www.tibco.com/resources/mk/ems_security_advisory_20080409.txt
- http://www.vupen.com/english/advisories/2008/1190/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41761
- http://secunia.com/advisories/29775Vendor Advisory
- http://www.securityfocus.com/bid/28717
- http://www.securitytracker.com/id?1019826
- http://www.tibco.com/resources/mk/ems_security_advisory_20080409.txt
- http://www.vupen.com/english/advisories/2008/1190/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41761
FAQ
What is CVE-2008-1704?
CVE-2008-1704 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple buffer overflows in TIBCO Software Enterprise Message Service (EMS) before 4.4.3, and iProcess Engine 10.6.0 through 10.6.1, allow remote attackers to execute arbitrary code via a crafted mes...
How severe is CVE-2008-1704?
CVE-2008-1704 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1704?
Check the references section above for vendor advisories and patch information. Affected products include: Tibco Enterprise Message Service, Tibco Iprocess Engine.