Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2011-0649
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service vebefore 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), (3) Rendezvous Secure Routing Daemon (rvsrd), and (4) EMS Server (tibemsd)..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.2/10
- Exploit Score
- 3.9/10
- Access Vector
- Local
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:tibco:rendezvous:8.2.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:rendezvous:8.3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:enterprise_message_service:5.1.1:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:enterprise_message_service:5.1.0:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:enterprise_message_service:6.0.0:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:runtime_agent:5.7.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:runtime_agent:5.6.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:silver_bpm_service:1.0.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:silver_bpm_service:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:silver_cap_service:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:silver_cap_service:1.0.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:tibco:silver_businessworks_service:1.0.0:*:*:*:*:* |
Yes
|
- | - |
References
- http://www.securityfocus.com/bid/46104
- http://www.tibco.com/multimedia/rv_ems_security_advisory_20110201_tcm8-13185.txt
- http://secunia.com/advisories/43174
- http://secunia.com/advisories/43160
- http://www.vupen.com/english/advisories/2011/0269
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65105