Vulnerabilities > Tibco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-09-19 | CVE-2011-3424 | Cross-Site Scripting vulnerability in Tibco products Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to hijack web sessions via unspecified vectors. network tibco | 4.3 |
| 2011-09-19 | CVE-2011-3423 | Cross-Site Scripting vulnerability in Tibco products Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-09-02 | CVE-2011-3134 | Unspecified vulnerability in Tibco Spotfire Analytics Server and Spotfire Server Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL. | 7.5 |
| 2011-09-02 | CVE-2011-3133 | Unspecified vulnerability in Tibco Spotfire Analytics Server and Spotfire Server Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors. network tibco | 4.3 |
| 2011-09-02 | CVE-2011-3132 | Cross-Site Scripting vulnerability in Tibco Spotfire Analytics Server and Spotfire Server Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-05-20 | CVE-2011-2021 | Cross-Site Scripting vulnerability in Tibco Iprocess Engine and Iprocess Workspace Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors. network tibco | 4.3 |
| 2011-05-20 | CVE-2011-2020 | Cross-Site Scripting vulnerability in Tibco Iprocess Engine and Iprocess Workspace Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-03-22 | CVE-2011-1414 | Cross-Site Scripting vulnerability in Tibco Tibbr and Tibbr Service Cross-site scripting (XSS) vulnerability in the tibbr web server, as used in TIBCO tibbr 1.0.0 through 1.5.0 and tibbr Service 1.0.0 through 1.5.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-02-04 | CVE-2011-0649 | Local Privilege Escalation vulnerability in Multiple TIBCO Products Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service vebefore 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), (3) Rendezvous Secure Routing Daemon (rvsrd), and (4) EMS Server (tibemsd). | 7.2 |
| 2011-01-07 | CVE-2010-4499 | Input Validation vulnerability in TIBCO Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors. network tibco | 4.3 |