Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4.6.1 and TIBCO Runtime Agent (TRA) before 5.4 allows authenticated users to execute arbitrary code via the configuration for tibhawkhma.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Hawk | Tibco | 4.6.0 (including) | 4.6.0 (including) |
| Hawk_monitoring_agent | Tibco | * | * |
| Runtime_agent | Tibco | 5.3 (including) | 5.3 (including) |
References
- http://secunia.com/advisories/20431
- http://securitytracker.com/id?1016223
- http://www.kb.cert.org/vuls/id/620516
- http://www.securityfocus.com/bid/18300
- http://www.tibco.com/resources/mk/hawk_security_advisory.txt
- http://www.vupen.com/english/advisories/2006/2156
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26938
- http://secunia.com/advisories/20431
- http://securitytracker.com/id?1016223
- http://www.kb.cert.org/vuls/id/620516
- http://www.securityfocus.com/bid/18300
- http://www.tibco.com/resources/mk/hawk_security_advisory.txt
- http://www.vupen.com/english/advisories/2006/2156
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26938