Heap-Based Buffer Overflow in IBM Tivoli Storage Manager Express Backup Server
CVE-2008-0247

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager Express
Vendor: CVE Published:; 12 January 2008

What is CVE-2008-0247?

A heap-based buffer overflow exists in the Express Backup Server service (dsmsvc.exe) of IBM Tivoli Storage Manager Express before version 5.3.7.3. This vulnerability can be exploited by remote attackers to execute arbitrary code on the affected system using specially crafted packets with excessive length values, potentially compromising the integrity of the server and the data it manages. Timely updates and proper configuration are essential to mitigate this risk.

References

http://secunia.com/advisories/28440

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/39604

vdb-entryx_refsource_XF

http://www.zerodayinitiative.com/advisories/ZDI-08-001.html

x_refsource_MISC

EPSS Score

36% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 12, 2008
Vulnerability Reserved
Jan 11, 2008