Vulnerabilities > Tibco

DATE CVE VULNERABILITY TITLE RISK
2011-09-19 CVE-2011-3423 Cross-Site Scripting vulnerability in Tibco products
Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
tibco CWE-79
4.3
2011-09-02 CVE-2011-3134 Unspecified vulnerability in Tibco Spotfire Analytics Server and Spotfire Server
Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL.
network
low complexity
tibco
7.5
2011-09-02 CVE-2011-3133 Unspecified vulnerability in Tibco Spotfire Analytics Server and Spotfire Server
Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors.
network
tibco
4.3
2011-09-02 CVE-2011-3132 Cross-Site Scripting vulnerability in Tibco Spotfire Analytics Server and Spotfire Server
Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
tibco CWE-79
4.3
2011-05-20 CVE-2011-2021 Cross-Site Scripting vulnerability in Tibco Iprocess Engine and Iprocess Workspace
Session fixation vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to hijack web sessions via unspecified vectors.
network
tibco
4.3
2011-05-20 CVE-2011-2020 Cross-Site Scripting vulnerability in Tibco Iprocess Engine and Iprocess Workspace
Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
tibco CWE-79
4.3
2011-03-22 CVE-2011-1414 Cross-Site Scripting vulnerability in Tibco Tibbr and Tibbr Service
Cross-site scripting (XSS) vulnerability in the tibbr web server, as used in TIBCO tibbr 1.0.0 through 1.5.0 and tibbr Service 1.0.0 through 1.5.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
tibco CWE-79
4.3
2011-02-04 CVE-2011-0649 Local Privilege Escalation vulnerability in Multiple TIBCO Products
Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service vebefore 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), (3) Rendezvous Secure Routing Daemon (rvsrd), and (4) EMS Server (tibemsd).
local
low complexity
tibco
7.2
2011-01-07 CVE-2010-4499 Input Validation vulnerability in TIBCO
Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors.
network
tibco
4.3
2011-01-07 CVE-2010-4498 Input Validation vulnerability in TIBCO
Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL.
network
low complexity
tibco
7.5