Search
Find a vulnerability
Search criteria
8 vulnerabilities found for messaging_appliance by tibco
CVE-2015-4555 (GCVE-0-2015-4555)
Vulnerability from nvd – Published: 2015-08-30 14:00 – Updated: 2024-08-06 06:18
VLAI
Summary
Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1033677 | vdb-entryx_refsource_SECTRACK |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.tibco.com/assets/blt18493dc775c50c09/2… | x_refsource_CONFIRM |
Date Public
2015-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:18:12.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033677"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1033677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033677"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033677",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033677"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4555",
"datePublished": "2015-08-30T14:00:00.000Z",
"dateReserved": "2015-06-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:18:12.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2543 (GCVE-0-2014-2543)
Vulnerability from nvd – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:21
VLAI
Summary
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.tibco.com/multimedia/rendezvous_adviso… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/66744 | vdb-entryx_refsource_BID |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1030070 | vdb-entryx_refsource_SECTRACK |
Date Public
2014-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66744"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2543",
"datePublished": "2014-04-08T17:00:00.000Z",
"dateReserved": "2014-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:21:35.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2542 (GCVE-0-2014-2542)
Vulnerability from nvd – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/66737 | vdb-entryx_refsource_BID |
| http://www.tibco.com/multimedia/rendezvous_adviso… | x_refsource_CONFIRM |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1030070 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/101873 | vdb-entryx_refsource_BID |
Date Public
2014-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-18T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66737"
},
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101873"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2542",
"datePublished": "2014-04-08T17:00:00.000Z",
"dateReserved": "2014-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:14:26.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2541 (GCVE-0-2014-2541)
Vulnerability from nvd – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI
Summary
The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.tibco.com/multimedia/rendezvous_adviso… | x_refsource_CONFIRM |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1030070 | vdb-entryx_refsource_SECTRACK |
Date Public
2014-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2541",
"datePublished": "2014-04-08T17:00:00.000Z",
"dateReserved": "2014-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:14:26.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4555 (GCVE-0-2015-4555)
Vulnerability from cvelistv5 – Published: 2015-08-30 14:00 – Updated: 2024-08-06 06:18
VLAI
Summary
Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1033677 | vdb-entryx_refsource_SECTRACK |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.tibco.com/assets/blt18493dc775c50c09/2… | x_refsource_CONFIRM |
Date Public
2015-08-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:18:12.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033677"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-06T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1033677",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033677"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rvrd), Secure Daemon (rvsd), Secure Routing Daemon (rvsrd), Gateway Daemon (rvgd), Daemon Adapter (rvda), Cache (rvcache), Agent (rva), and Relay Agent (rvrad) components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033677",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033677"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/assets/blt18493dc775c50c09/2015-002-advisory.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4555",
"datePublished": "2015-08-30T14:00:00.000Z",
"dateReserved": "2015-06-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T06:18:12.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2541 (GCVE-0-2014-2541)
Vulnerability from cvelistv5 – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI
Summary
The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.tibco.com/multimedia/rendezvous_adviso… | x_refsource_CONFIRM |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1030070 | vdb-entryx_refsource_SECTRACK |
Date Public
2014-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2541",
"datePublished": "2014-04-08T17:00:00.000Z",
"dateReserved": "2014-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:14:26.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2542 (GCVE-0-2014-2542)
Vulnerability from cvelistv5 – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:14
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/66737 | vdb-entryx_refsource_BID |
| http://www.tibco.com/multimedia/rendezvous_adviso… | x_refsource_CONFIRM |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1030070 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/101873 | vdb-entryx_refsource_BID |
Date Public
2014-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-18T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "66737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101873"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2542",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66737"
},
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
},
{
"name": "101873",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101873"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2542",
"datePublished": "2014-04-08T17:00:00.000Z",
"dateReserved": "2014-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:14:26.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2543 (GCVE-0-2014-2543)
Vulnerability from cvelistv5 – Published: 2014-04-08 17:00 – Updated: 2024-08-06 10:21
VLAI
Summary
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.tibco.com/multimedia/rendezvous_adviso… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/66744 | vdb-entryx_refsource_BID |
| http://www.tibco.com/mk/advisory.jsp | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1030070 | vdb-entryx_refsource_SECTRACK |
Date Public
2014-04-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:35.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T17:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66744"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030070"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/multimedia/rendezvous_advisory_20140408_tcm8-20763.txt"
},
{
"name": "66744",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66744"
},
{
"name": "http://www.tibco.com/mk/advisory.jsp",
"refsource": "CONFIRM",
"url": "http://www.tibco.com/mk/advisory.jsp"
},
{
"name": "1030070",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030070"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2543",
"datePublished": "2014-04-08T17:00:00.000Z",
"dateReserved": "2014-03-18T00:00:00.000Z",
"dateUpdated": "2024-08-06T10:21:35.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}