Vulnerability Details CVE-2006-6309
Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.1%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securityreason.com/securityalert/1979
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
- http://securityreason.com/securityalert/1979
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
Products affected by CVE-2006-6309
-
cpe:2.3:a:ibm:tivoli_storage_manager:-
-
cpe:2.3:a:ibm:tivoli_storage_manager:4.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:4.2.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.1.8
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.0.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.7
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.8
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.9
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3