TIBCO Formvine vulnerability

   Original release date: Oct 23, 2012
   Last revised: --
   Source: TIBCO Software Inc.


Systems Affected

   TIBCO Formvine versions 3.1.0 through 3.2.0

   The following components are affected:

     * TIBCO Formvine Server


Description

   The TIBCO Formvine component listed above will fail to properly enforce
   access controls in some circumstances.  This may allow unauthorized users
   to access or modify information.

   TIBCO has released an update which addresses this issue.  TIBCO strongly
   recommends sites running the affected components to install the update
   and take corrective action as described below.


Impact

   The impact of this vulnerability may include information disclosure,
   modification or deletion.


Solution

   Upgrade TIBCO Formvine to version 3.2.1 or above.


References

   http://www.tibco.com/mk/advisory.jsp
   CVE: CVE-2012-5302