Credit:
The information has been provided by iDefense Labs.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=638
Vulnerable Systems:
* TIBCO SmartSockets version 6.8.0
A heap overflow vulnerability exists within the code responsible for processing requests. Two distinct values from the request are used for the allocation size and the amount of data copied. Since both values are attacker controlled, this can lead to a heap overflow, potentially resulting in the execution of arbitrary code.
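The defect class described above, one length field for the allocation and a second, independent field for the copy, is easiest to see against a hardened parser. The following is an added illustration written for this page, not iDefense's or TIBCO's code: the wire format (two little-endian 32-bit lengths followed by a payload) and the MAX_REQ bound are constructed assumptions, not the real SmartSockets protocol.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed header layout for the example (NOT the real SmartSockets
 * format): 4-byte LE "allocation size", 4-byte LE "payload length",
 * then the payload bytes. */
#define HDR_LEN 8
#define MAX_REQ 4096   /* assumed upper bound on a single request body */

enum parse_status {
    PARSE_OK = 0,
    PARSE_SHORT = 1,         /* message shorter than the lengths claim */
    PARSE_TOO_BIG = 2,       /* allocation request exceeds the server bound */
    PARSE_LEN_MISMATCH = 3   /* copy length larger than allocation: the bug */
};

static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hardened version of the pattern in the advisory. The vulnerable code
 * passed alloc_len to the allocator and data_len to the copy with no
 * relation enforced between them, so data_len > alloc_len overflowed the
 * heap chunk. Here the copy can never exceed the allocation, and neither
 * can exceed the bytes actually received. On PARSE_OK, *out is a heap
 * buffer of alloc_len bytes holding data_len payload bytes; caller frees. */
enum parse_status parse_request(const uint8_t *msg, size_t msg_len,
                                uint8_t **out, size_t *out_len) {
    *out = NULL;
    *out_len = 0;
    if (msg_len < HDR_LEN) return PARSE_SHORT;
    uint32_t alloc_len = rd32le(msg);
    uint32_t data_len  = rd32le(msg + 4);
    if (alloc_len > MAX_REQ) return PARSE_TOO_BIG;
    if (data_len > alloc_len) return PARSE_LEN_MISMATCH;   /* the missing check */
    if (data_len > msg_len - HDR_LEN) return PARSE_SHORT;  /* no over-read either */
    uint8_t *buf = calloc(alloc_len ? alloc_len : 1, 1);
    if (buf == NULL) return PARSE_TOO_BIG;
    memcpy(buf, msg + HDR_LEN, data_len);
    *out = buf;
    *out_len = data_len;
    return PARSE_OK;
}
```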
Analysis:
Exploitation allows an attacker to execute arbitrary code with SYSTEM privileges. Unsuccessful attempts will likely crash the RTserver. The service does not restart, which makes repeated exploitation attempts more difficult.
The RTserver is the core component of the SmartSockets framework. Without it, applications will be unable to pass messages.
Vendor response:
TIBCO has addressed this vulnerability by releasing new versions of their software. For more information, consult their advisory at the following URL: http://www.tibco.com/mk/advisory.jsp
CVE Information:
CVE-2007-5658
Disclosure Timeline:
10/23/2007 - Initial vendor notification
12/04/2007 - Second vendor notification
12/05/2007 - Initial vendor response
01/15/2008 - Coordinated public disclosure