Vulnerability Description
Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5.5.1.17 allows attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Storage Manager Client | 5.1 |
| Ibm | Tivoli Storage Manager Express | 5.3 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32604
- http://www-01.ibm.com/support/docview.wss?uid=swg21384389Vendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC59994Vendor Advisory
- http://www.vupen.com/english/advisories/2009/1235
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50328
- http://secunia.com/advisories/32604
- http://www-01.ibm.com/support/docview.wss?uid=swg21384389Vendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC59994Vendor Advisory
- http://www.vupen.com/english/advisories/2009/1235
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50328
FAQ
What is CVE-2009-1520?
CVE-2009-1520 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5....
How severe is CVE-2009-1520?
CVE-2009-1520 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1520?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Storage Manager Client, Ibm Tivoli Storage Manager Express.