Vulnerability Details CVE-2010-3757
Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | (pipe) character in a string. NOTE: this might overlap CVE-2010-3059.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.085
EPSS Ranking 91.9%
CVSS Severity
CVSS v2 Score 10.0
Products affected by CVE-2010-3757
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.1
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.3.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.4.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.5.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.6.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.0
-
cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.1