PT-2008-4743 · Tibco · Tibco Hawk Ami C Library+5
Published
2008-08-13
·
Updated
2017-08-08
·
CVE-2008-3338
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
TIBCO Hawk versions prior to 4.8.1
TIBCO Runtime Agent (TRA) versions prior to 5.6.0
TIBCO iProcess Engine versions 10.3.0 through 10.6.2 and 11.0.0
TIBCO Mainframe Service Tracker versions prior to 1.1.0
Description
The issue is related to multiple buffer overflows in the TIBCO Hawk AMI C library and Hawk HMA, which could allow remote attackers to execute arbitrary code via a crafted message.
Recommendations
For TIBCO Hawk versions prior to 4.8.1, update to version 4.8.1 or later.
For TIBCO Runtime Agent (TRA) versions prior to 5.6.0, update to version 5.6.0 or later.
For TIBCO iProcess Engine versions 10.3.0 through 10.6.2 and 11.0.0, update to a version outside of the affected range.
For TIBCO Mainframe Service Tracker versions prior to 1.1.0, update to version 1.1.0 or later.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hawk Hma
Tibco Hawk
Tibco Hawk Ami C Library
Tibco Mainframe Service Tracker
Tibco Runtime Agent
Tibco Iprocess Engine