CVE-2006-2829

Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4.6.1 and TIBCO Runtime Agent (TRA) before 5.4 allows authenticated users to execute arbitrary code via the configuration for tibhawkhma.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.tibco.com/resources/mk/hawk_security_advisory.txt	Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/620516	Patch US Government Resource
http://www.securityfocus.com/bid/18300
http://secunia.com/advisories/20431	Vendor Advisory
http://securitytracker.com/id?1016223
http://www.vupen.com/english/advisories/2006/2156
https://exchange.xforce.ibmcloud.com/vulnerabilities/26938

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tibco:hawk_monitoring_agent::::::::
	cpe:2.3:a:tibco:runtime_agent:5.3:::::::*
	cpe:2.3:a:tibco:hawk:4.6.0:::::::*

Information

Published : 2006-06-05 13:06

Updated : 2017-07-19 18:31

NVD link : CVE-2006-2829

Mitre link : CVE-2006-2829

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

tibco

hawk_monitoring_agent
runtime_agent
hawk

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.tibco.com/resources/mk/hawk_security_advisory.txt", "name": "http://www.tibco.com/resources/mk/hawk_security_advisory.txt", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.kb.cert.org/vuls/id/620516", "name": "VU#620516", "tags": ["Patch", "US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.securityfocus.com/bid/18300", "name": "18300", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/20431", "name": "20431", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://securitytracker.com/id?1016223", "name": "1016223", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.vupen.com/english/advisories/2006/2156", "name": "ADV-2006-2156", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26938", "name": "tibco-hawk-monagent-bo(26938)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4.6.1 and TIBCO Runtime Agent (TRA) before 5.4 allows authenticated users to execute arbitrary code via the configuration for tibhawkhma."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-2829", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-06-05T20:06Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:tibco:hawk_monitoring_agent:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:tibco:runtime_agent:5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:tibco:hawk:4.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-20T01:31Z"}