TIBCO Formvine vulnerability

2012.10.26
Credit: Tibco
Risk: Medium
Local: No
Remote: Yes
CWE: N/A


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

TIBCO Formvine vulnerability Original release date: Oct 23, 2012 Last revised: -- Source: TIBCO Software Inc. Systems Affected TIBCO Formvine versions 3.1.0 through 3.2.0 The following components are affected: * TIBCO Formvine Server Description The TIBCO Formvine component listed above will fail to properly enforce access controls in some circumstances. This may allow unauthorized users to access or modify information. TIBCO has released an update which addresses this issue. TIBCO strongly recommends sites running the affected components to install the update and take corrective action as described below. Impact The impact of this vulnerability may include information disclosure, modification or deletion. Solution Upgrade TIBCO Formvine to version 3.2.1 or above. References http://www.tibco.com/mk/advisory.jsp CVE: CVE-2012-5302

References:

http://www.tibco.com/services/support/advisories/formvine-advisory_20121023.jsp
http://www.tibco.com/multimedia/formvine-advisory-2012-10-23_tcm8-17451.txt
http://www.tibco.com/mk/advisory.jsp


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top