N/A

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd.

N/A

N/A

TIBCO SmartSockets的RTserver组件栈溢出漏洞

TIBCO SmartSockets是用于通过独立通道传输消息的传送框架，RTserver是其中的服务器组件。 SmartSockets的RTserver组件在处理入站请求时存在栈溢出漏洞。如果远程攻击者向RTserver的UDP接口发送了超长请求的话，就可能触发这个溢出，导致执行任意指令。

N/A

N/A