fkie_nvd - fkie_cve-2009-1520

fkie_cve-2009-1520

Vulnerability from fkie_nvd

Published

2009-05-05 17:30

Modified

2025-04-09 00:30

Severity ?

Summary

Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5.5.1.17 allows attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/32604
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21384389	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IC59994	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/1235
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/50328
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32604
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21384389	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IC59994	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1235
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/50328

Impacted products

Vendor	Product	Version
ibm	tivoli_storage_manager_client	5.1
ibm	tivoli_storage_manager_client	5.1.8.0
ibm	tivoli_storage_manager_client	5.1.8.2
ibm	tivoli_storage_manager_client	5.2
ibm	tivoli_storage_manager_client	5.2.5.1
ibm	tivoli_storage_manager_client	5.2.5.2
ibm	tivoli_storage_manager_client	5.2.5.3
ibm	tivoli_storage_manager_client	5.3
ibm	tivoli_storage_manager_client	5.3.5.2
ibm	tivoli_storage_manager_client	5.3.5.3
ibm	tivoli_storage_manager_client	5.3.6.3
ibm	tivoli_storage_manager_client	5.3.6.4
ibm	tivoli_storage_manager_client	5.4
ibm	tivoli_storage_manager_client	5.4.1.1
ibm	tivoli_storage_manager_client	5.4.1.2
ibm	tivoli_storage_manager_client	5.4.1.96
ibm	tivoli_storage_manager_express	5.3
ibm	tivoli_storage_manager_express	5.3.3.0
ibm	tivoli_storage_manager_express	5.3.6.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249F29D-A30C-47DE-A2E7-1643506833B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF8BBC00-2EE5-4679-9A55-C160C3FE0502",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.1.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE65DEA-32C5-4AF3-BD3F-B6650BC7C3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0775DC8E-AFEF-4EC8-A42F-ACB266087F44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5CF5583-AD0F-41A9-A963-077D4592EE95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91C00917-D04A-480F-AE51-7F666A092A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD374314-ACC9-4F14-A65F-14761B04B483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E0A6F7-EB54-49AC-BA68-FFAFEEBF82B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "488891DD-FDF9-45B6-8E27-9488016617E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9FD3F9-CADE-4B7F-B44D-87910F093842",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E985452D-8819-493B-A505-98E393224AF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FADD1A6-5E07-4701-9846-389DBB980040",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DCA554F-03B3-44E1-A175-E3163445626E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "29442ECF-F9F0-42CE-92BD-0C04A8E2556C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "02303411-3A86-49B4-BF41-E7103E424F1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.1.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AD6AF10-1F26-46AD-8137-E9246D09EC29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E6A344-E062-4179-9CFA-CF912B4AED16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A140293-8F4A-4AB4-9EE8-36D0EB398C66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AABAD076-C9D6-481E-B9DC-CEB95C224979",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5.5.1.17 allows attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el interfaz gr\u00e1fico de usuario Web en el cliente IBM Tivoli Storage Manager (TSM) desde v5.1.0.0 hasta v5.1.8.2, desde v5.2.0.0 hasta v5.2.5.3, desde v5.3.0.0 hasta v5.3.6.4, desde v5.4.0.0 hasta v5.4.2.6, y desde v5.5.0.0 hasta v5.5.1.17 permite a atacantes producir una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores inespec\u00edficos."
    }
  ],
  "id": "CVE-2009-1520",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-05-05T17:30:00.280",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32604"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21384389"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC59994"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/1235"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21384389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC59994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1235"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50328"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-1520 (GCVE-0-2009-1520)

Vulnerability from cvelistv5

Published

2009-05-05 17:00