Heap-based Buffer Overflow in IBM Tivoli Storage Manager Express
CVE-2008-4563

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager; Tivoli Storage Manager Express
Vendor: CVE Published:; 11 March 2009

Summary

A heap-based buffer overflow vulnerability exists in the adsmdll.dll component of IBM Tivoli Storage Manager Express. This flaw, found in versions 5.3.7.3 and earlier, 5.2, and certain versions of 5.3 and 5.4, allows remote attackers to execute arbitrary code by manipulating a crafted length value. This vulnerability can pose significant security threats as it could lead to unauthorized system access and compromises.

References

http://www.securityfocus.com/bid/34077

vdb-entryx_refsource_BID

http://securitytracker.com/id?1021837

vdb-entryx_refsource_SECTRACK

http://www-01.ibm.com/support/docview.wss?uid=swg21377388

x_refsource_CONFIRM

EPSS Score

37% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 11, 2009
Vulnerability Reserved
Oct 14, 2008