Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rendezvous
(Tibco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2007-08-03 | CVE-2007-4161 | rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cause a denial of service (network instability) via a subject name with a leading (1) '*' (asterisk) or (2) '>' (greater than) wildcard character. | Rendezvous | N/A | ||
| 2007-08-03 | CVE-2007-4160 | The default configuration of TIBCO Rendezvous (RV) 7.5.2 clients, when -no-multicast is omitted, uses a multicast group as the destination for a network message, which might make it easier for remote attackers to capture message contents by sniffing the network. | Rendezvous | N/A | ||
| 2007-08-03 | CVE-2007-4159 | index.html in the HTTP administration interface in certain daemons in TIBCO Rendezvous (RV) 7.5.2 allows remote attackers to obtain sensitive information, such as a user name and IP addresses, via a direct request. | Rendezvous | N/A | ||
| 2007-08-03 | CVE-2007-4158 | Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5.4 allows remote attackers to cause a denial of service (memory consumption) via a packet with a length field of zero, a different vulnerability than CVE-2006-2830. | Rendezvous | N/A | ||
| 2006-09-11 | CVE-2006-4676 | TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file. | Rendezvous | N/A | ||
| 2006-06-05 | CVE-2006-2830 | Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface. | Hawk, Rendezvous, Runtime_agent | N/A |