Vulnerability Details CVE-2009-3853
Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.739
EPSS Ranking 98.7%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/32534
- http://secunia.com/secunia_research/2008-51/
- http://securitytracker.com/id?1023136
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036
- http://www-01.ibm.com/support/docview.wss?uid=swg21405562
- http://www.securityfocus.com/archive/1/507654/100/0/threaded
- http://www.vupen.com/english/advisories/2009/3132
- http://secunia.com/advisories/32534
- http://secunia.com/secunia_research/2008-51/
- http://securitytracker.com/id?1023136
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036
- http://www-01.ibm.com/support/docview.wss?uid=swg21405562
- http://www.securityfocus.com/archive/1/507654/100/0/threaded
- http://www.vupen.com/english/advisories/2009/3132
Products affected by CVE-2009-3853
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.3
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.4
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.5
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.6
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.5.1
-
cpe:2.3:a:ibm:tivoli_storage_manager:5.5.2
-
cpe:2.3:a:ibm:tivoli_storage_manager:6.1.0