Security Advisory for TIBCO BusinessWorks 5.9.2 and below

Security Advisory for TIBCO BusinessWorks 5.9.2 and below

book

Article ID: KB0108174

calendar_today

Updated On:

Products Versions
TIBCO ActiveMatrix BusinessWorks -
Not Applicable -

Description

Description:
TIBCO BusinessWorks vulnerability

   Original release date: Mar 8, 2012
   Last revised: --
   Source: TIBCO Software Inc.


Systems Affected

   TIBCO ActiveMatrix BusinessWorks below 5.9.3
   TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.2

   The following components are affected:

     * TIBCO BusinessWorks Engine


Description

   The TIBCO BusinessWorks components listed above are affected by the
   following critical vulnerability:

   CVE-2012-0687 - Carefully crafted URLs may result in information
   disclosure.

   TIBCO has released updated versions of the affected components which
   address this issue.  TIBCO strongly recommends sites running the affected
   components to install the applicable update as described below.


Impact

   The impact of these vulnerabilities may include information modification,
   information disclosure, and denial of service.


Solution

   For each affected system, update to the corresponding software versions:

   TIBCO ActiveMatrix BusinessWorks 5.9.3 or higher
   TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.3 or higher


References

   http://www.tibco.com/mk/advisory.jsp
   CVE: CVE-2012-0687

Environment

Product: TIBCO BusinessWorks Version: 5.9.2 OS: --------------------

Resolution

TIBCO BusinessWorks vulnerability

   Original release date: Mar 8, 2012
   Last revised: --
   Source: TIBCO Software Inc.


Systems Affected

   TIBCO ActiveMatrix BusinessWorks below 5.9.3
   TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.2

   The following components are affected:

     * TIBCO BusinessWorks Engine


Description

   The TIBCO BusinessWorks components listed above are affected by the
   following critical vulnerability:

   CVE-2012-0687 - Carefully crafted URLs may result in information
   disclosure.

   TIBCO has released updated versions of the affected components which
   address this issue.  TIBCO strongly recommends sites running the affected
   components to install the applicable update as described below.


Impact

   The impact of these vulnerabilities may include information modification,
   information disclosure, and denial of service.


Solution

   For each affected system, update to the corresponding software versions:

   TIBCO ActiveMatrix BusinessWorks 5.9.3 or higher
   TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.3 or higher


References

   http://www.tibco.com/mk/advisory.jsp
   CVE: CVE-2012-0687

Issue/Introduction

Security Advisory for TIBCO BusinessWorks 5.9.2 and below
Powered by Wolken Software