CVE-2008-4563

critical

Description

Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/49188

http://www.vupen.com/english/advisories/2009/0669

http://www.securityfocus.com/bid/34077

http://www-01.ibm.com/support/docview.wss?uid=swg21377388

http://securitytracker.com/id?1021837

http://secunia.com/advisories/34245

http://osvdb.org/52617

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=775

http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0192.html

Details

Source: Mitre, NVD

Published: 2009-03-11

Updated: 2017-08-08

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical