{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-10-16T00:00:00", "descriptions": [{"lang": "en", "value": "Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.irmplc.com/index.php/111-Vendor-Alerts"}, {"name": "20071016 IRM Vendor Alerts: Six critical remote vulnerabilities in TIBCO SmartPGM FX", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/482353/100/0/threaded"}, {"name": "26092", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26092"}, {"name": "45276", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/45276"}, {"name": "3249", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3249"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5545", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.irmplc.com/index.php/111-Vendor-Alerts", "refsource": "MISC", "url": "http://www.irmplc.com/index.php/111-Vendor-Alerts"}, {"name": "20071016 IRM Vendor Alerts: Six critical remote vulnerabilities in TIBCO SmartPGM FX", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/482353/100/0/threaded"}, {"name": "26092", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26092"}, {"name": "45276", "refsource": "OSVDB", "url": "http://osvdb.org/45276"}, {"name": "3249", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3249"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5545", "datePublished": "2007-10-18T20:00:00", "dateReserved": "2007-10-18T00:00:00", "dateUpdated": "2018-10-15T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tibco:smart_pgm_fx:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F1AD267-E214-44CF-B03F-0EAD5344440E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes."}, {"lang": "es", "value": "Vulnerabilidad de cadena de formato en TIBCO SmartPGM FX permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados. NOTA: a fecha de 16/10/2007, la \u00fanica revelaci\u00f3n es un preaviso vago sin informaci\u00f3n de uso inmediato. Sin embargo, dado que proviene de un investigador reputado, se le ha asignado un identificador CVE con prop\u00f3sitos de seguimiento."}], "id": "CVE-2007-5545", "lastModified": "2018-10-15T21:45:36.487", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-18T20:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/45276"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3249"}, {"source": "cve@mitre.org", "url": "http://www.irmplc.com/index.php/111-Vendor-Alerts"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/482353/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26092"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-134"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}