Security Advisory for TIBCO ActiveMatrix Service Grid 2.x

Products	Versions
TIBCO ActiveMatrix Service Grid	-
Not Applicable	-

Description

Description:

TIBCO ActiveMatrix vulnerability

   Original release date: Mar 8, 2012
   Last revised: --
   Source: TIBCO Software Inc.

Systems Affected

   TIBCO ActiveMatrix Service Grid version 2.X below 2.3.2
   TIBCO ActiveMatrix Service Bus version 2.X below 2.3.2
   TIBCO ActiveMatrix BusinessWorks Service Engine below 5.8.2

   The following components are affected:

     * TIBCO ActiveMatrix Runtime Platform

Description

   The TIBCO ActiveMatrix components listed above are affected by the
   following critical vulnerability:

   CVE-2012-0687 - Carefully crafted URLs may result in information
   disclosure.

   TIBCO has released updated versions of the affected components which
   address this issue.  TIBCO strongly recommends sites running the affected
   components to install the applicable update as described below.

Impact

   The impact of these vulnerabilities may include information modification,
   information disclosure, and denial of service.

Solution

   For each affected system, update to the corresponding software versions:

   TIBCO ActiveMatrix Service Grid 2.X version 2.3.2 or higher
   TIBCO ActiveMatrix Service Bus 2.X version 2.3.2 or higher
   TIBCO ActiveMatrix BusinessWorks Service Engine 5.8.X version 5.8.2 or higher

References

   http://www.tibco.com/mk/advisory.jsp
   CVE: CVE-2012-0687

Environment

Product: TIBCO ActiveMatrix Service Grid Version: 2.3.1 OS: --------------------

Resolution

TIBCO ActiveMatrix vulnerability

   Original release date: Mar 8, 2012
   Last revised: --
   Source: TIBCO Software Inc.

Systems Affected

   TIBCO ActiveMatrix Service Grid version 2.X below 2.3.2
   TIBCO ActiveMatrix Service Bus version 2.X below 2.3.2
   TIBCO ActiveMatrix BusinessWorks Service Engine below 5.8.2

   The following components are affected:

     * TIBCO ActiveMatrix Runtime Platform

Description

   The TIBCO ActiveMatrix components listed above are affected by the
   following critical vulnerability:

   CVE-2012-0687 - Carefully crafted URLs may result in information
   disclosure.

   TIBCO has released updated versions of the affected components which
   address this issue.  TIBCO strongly recommends sites running the affected
   components to install the applicable update as described below.

Impact

   The impact of these vulnerabilities may include information modification,
   information disclosure, and denial of service.

Solution

   For each affected system, update to the corresponding software versions:

   TIBCO ActiveMatrix Service Grid 2.X version 2.3.2 or higher
   TIBCO ActiveMatrix Service Bus 2.X version 2.3.2 or higher
   TIBCO ActiveMatrix BusinessWorks Service Engine 5.8.X version 5.8.2 or higher

References

   http://www.tibco.com/mk/advisory.jsp
   CVE: CVE-2012-0687

Issue/Introduction

Security Advisory for TIBCO ActiveMatrix Service Grid 2.x

Welcome to "KB Articles"