Vulnerability Description
Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Storage Manager | <= 5.2.9 |
References
- http://securityreason.com/securityalert/1979
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261ExploitVendor Advisory
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.htmlExploitVendor Advisory
- http://securityreason.com/securityalert/1979
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261ExploitVendor Advisory
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.htmlExploitVendor Advisory
FAQ
What is CVE-2006-6309?
CVE-2006-6309 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via ...
How severe is CVE-2006-6309?
CVE-2006-6309 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6309?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Storage Manager.