IBM Tivoli Storage Manager Express Backup Heap Corruption
Publish Date: 21 juillet 2015
Gravité: : Critique
Identifiant(s) CVE: : CVE-2008-4563
Date du conseil: 21 juillet 2015
Description
Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1003393
Trend Micro Deep Security DPI Rule Name: 1003393 - IBM Tivoli Storage Manager Express Backup Heap Corruption
Affected software and version:
- ibm tivoli_storage_manager 5.2
- ibm tivoli_storage_manager 5.3
- ibm tivoli_storage_manager 5.3.0
- ibm tivoli_storage_manager 5.3.1
- ibm tivoli_storage_manager 5.3.2
- ibm tivoli_storage_manager 5.3.2.4
- ibm tivoli_storage_manager 5.3.3
- ibm tivoli_storage_manager 5.3.4
- ibm tivoli_storage_manager 5.3.5.1
- ibm tivoli_storage_manager 5.4.0
- ibm tivoli_storage_manager 5.4.1
- ibm tivoli_storage_manager 5.4.2
- ibm tivoli_storage_manager 5.4.2.2
- ibm tivoli_storage_manager 5.4.2.3
- ibm tivoli_storage_manager 5.4.2.4
- ibm tivoli_storage_manager 5.4.4.0
- ibm tivoli_storage_manager_express 5.3
- ibm tivoli_storage_manager_express 5.3.3.0
- ibm tivoli_storage_manager_express 5.3.6.4
- ibm tivoli_storage_manager_express 5.3.7.3