Buffer Overflow in IBM Tivoli Storage Manager Client Software
CVE-2007-4880

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager Client
Vendor: CVE Published:; 28 September 2007

Summary

A buffer overflow vulnerability exists in the Client Acceptor Daemon (CAD), dsmcad.exe, utilized by certain IBM Tivoli Storage Manager clients. This flaw permits remote attackers to execute arbitrary code by sending specially crafted HTTP headers to the affected service. This can compromise system integrity and allows unauthorized control over the affected systems, thereby posing significant security risks to organizational data and resources.

References

http://www.securityfocus.com/bid/25743

vdb-entryx_refsource_BID

http://www-1.ibm.com/support/docview.wss?uid=swg21268775

x_refsource_CONFIRM

http://www-1.ibm.com/support/search.wss?rs=0&q=IC52905&ap...

vendor-advisoryx_refsource_AIXAPAR

EPSS Score

88% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 28, 2007
Vulnerability Reserved
Sep 13, 2007