CVE-2010-0184 | Vulnerability Database | Aqua Security

The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Runtime_agent	Tibco	*	5.6.1 (including)
Runtime_agent	Tibco	5.4.0 (including)	5.4.0 (including)
Runtime_agent	Tibco	5.5.3 (including)	5.5.3 (including)
Runtime_agent	Tibco	5.5.4 (including)	5.5.4 (including)
Runtime_agent	Tibco	5.6 (including)	5.6 (including)

References

http://secunia.com/advisories/38191
http://www.securityfocus.com/bid/37805
http://www.tibco.com/mk/advisory.jsp
http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt
http://www.vupen.com/english/advisories/2010/0128

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-0184
CWE	https://cwe.mitre.org/data/definitions/264.html