CVE-2008-4563

Published Mar 11, 2009

Last updated 7 years ago

CVSS info 10.0

Overview

Description: Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA28A2C9-21A0-48E2-88DD-C2336D990523"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "801CCEC1-8DED-41C4-B6D2-38E4BEC74EA2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A263333E-DB86-41BE-A508-731079429E62"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E5F0611-DD8F-42A2-AFD7-1BCBD38BAB4F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25121FC4-9EE2-44AE-BEB3-02C3AB38DB61"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93FCB242-C35B-4CDB-AE62-3CA5D312586B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70016926-5776-4A04-8D55-5CA12D1DA9B4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "930B5AE2-CA47-47D7-96DE-F2B9F70337C8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FAA5227-C1F5-48C1-A207-096F228E305E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11E968D1-8198-4686-BFDD-8499CB435B56"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40A8E0C4-8509-4372-99C7-CFBA2100AEBE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5CBC191E-0CE6-4D9C-A75B-E3484AC3B4DE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F956AF3F-0BDF-4F4B-AB29-418C39BEC8D5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0642EDE5-7EBF-4FA3-9432-F82FE76EF9EB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4C19266-CDED-4DC0-8B50-560BA3B5DAC4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BD18D39-DA8A-4C58-A18B-14EB6BEFBFDE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5E6A344-E062-4179-9CFA-CF912B4AED16"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A140293-8F4A-4AB4-9EE8-36D0EB398C66"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AABAD076-C9D6-481E-B9DC-CEB95C224979"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77114204-172B-4E6A-AFFE-E6123458F0C3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References