Vulnerabilities > Tibco > Rendezvous > 7.4.11

DATE CVE VULNERABILITY TITLE RISK
2014-04-08 CVE-2014-2543 Buffer Errors vulnerability in Tibco Messaging Appliance, Rendezvous and Substantiation ES
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected client and transmitting crafted data.
network
low complexity
tibco CWE-119
7.5
7.5
2014-04-08 CVE-2014-2542 Cross-Site Scripting vulnerability in Tibco Messaging Appliance, Rendezvous and Substantiation ES
Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
tibco CWE-79
4.3
4.3
2014-04-08 CVE-2014-2541 Permissions, Privileges, and Access Controls vulnerability in Tibco Messaging Appliance, Rendezvous and Substantiation ES
The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors.
network
low complexity
tibco CWE-264
5.0
5.0