CVE-2008-4563

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Storage Manager; Tivoli Storage Manager Express
Vendor: CVE Published:; 11 March 2009

Summary

Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.

References

http://www.securityfocus.com/bid/34077

vdb-entryx_refsource_BID

http://securitytracker.com/id?1021837

vdb-entryx_refsource_SECTRACK

http://www-01.ibm.com/support/docview.wss?uid=swg21377388

x_refsource_CONFIRM

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 11, 2009
Vulnerability Reserved
Oct 14, 2008