CVE-2010-0184
TIBCO Runtime Agent < 5.6.2 - Unprotected Domain Properties File Exposure via Weak Permissions
Title source: llmDescription
The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors.
References (5)
Core 5
Core References
Various Sources x_refsource_confirm
http://www.tibco.com/multimedia/security_advisory_runtime_agent_20100113_tcm8-10392.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/37805
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0128
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38191
Vendor Advisory x_refsource_confirm
http://www.tibco.com/mk/advisory.jsp
Scores
EPSS
0.0003
EPSS Percentile
10.3%
Details
CWE
CWE-264
Status
published
Products (5)
tibco/runtime_agent
5.4.0
tibco/runtime_agent
5.5.3
tibco/runtime_agent
5.5.4
tibco/runtime_agent
5.6
tibco/runtime_agent
< 5.6.1
Published
Jan 14, 2010
Tracked Since
Feb 18, 2026