CVE-2007-5819

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Continuous Data Protection For Files
Vendor: CVE Published:; 5 November 2007

Summary

IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted write) for the Central Admin Global download directory, which allows local users to place arbitrary files into a location used for updating CDP clients.

References

http://www.vupen.com/english/advisories/2007/3683

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/38215

vdb-entryx_refsource_XF

http://secunia.com/advisories/27473

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Nov 5, 2007
Vulnerability Reserved
Nov 5, 2007