Published: 17/07/2011 Updated: 19/07/2011

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) prior to 5.4.3.4, 5.5.x prior to 5.5.3, 6.x prior to 6.1.4, and 6.2.x prior to 6.2.2 on Windows allows local users to gain privileges via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm tivoli_storage_manager 5.3.3
ibm tivoli_storage_manager 5.2.7
ibm tivoli_storage_manager 5.1.8
ibm tivoli_storage_manager
ibm tivoli_storage_manager 5.5.1
ibm tivoli_storage_manager 5.3.6.1
ibm tivoli_storage_manager 6.1.0
ibm tivoli_storage_manager 5.4.1
ibm tivoli_storage_manager 5.4.2
ibm tivoli_storage_manager 5.4.3.0
ibm tivoli_storage_manager 5.4.3.2
ibm tivoli_storage_manager 5.3.6.4
ibm tivoli_storage_manager 5.3.6.3
ibm tivoli_storage_manager 5.3.6.6
ibm tivoli_storage_manager 5.3.6.5
ibm tivoli_storage_manager 5.3.1
ibm tivoli_storage_manager 5.2.8
ibm tivoli_storage_manager 5.2.9
ibm tivoli_storage_manager 5.2.5.1
ibm tivoli_storage_manager 6.1.1
ibm tivoli_storage_manager 6.1.3
ibm tivoli_storage_manager 6.1.2
ibm tivoli_storage_manager 6.2.1
ibm tivoli_storage_manager 6.2.0
ibm tivoli_storage_manager 5.3.2
ibm tivoli_storage_manager 5.3.0
ibm tivoli_storage_manager 4.2.1
ibm tivoli_storage_manager 4.2
ibm tivoli_storage_manager 5.5.2
ibm tivoli_storage_manager 5.5.0
ibm tivoli_storage_manager 5.3.6.2
ibm tivoli_storage_manager 6.0

CWE-119 http://www.securityfocus.com/bid/48519 http://www.ibm.com/support/docview.wss?uid=swg1IC77052 http://www.ibm.com/support/docview.wss?uid=swg21457604 http://secunia.com/advisories/45098 http://securitytracker.com/id?1025741 https://nvd.nist.gov

CVE-2011-1223

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect