fkie_nvd - fkie_cve-2009-3854

fkie_cve-2009-3854

Vulnerability from fkie_nvd

Published

2009-11-04 15:30

Modified

2025-04-09 00:30

Severity ?

Summary

Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/32534
cve@mitre.org	http://securitytracker.com/id?1023136
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IC61058	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21405562	Patch, Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/3132	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32534
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023136
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IC61058	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21405562	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3132	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	tivoli_storage_manager	5.2.5.3
ibm	tivoli_storage_manager	5.3
ibm	tivoli_storage_manager	5.3.0
ibm	tivoli_storage_manager	5.3.1
ibm	tivoli_storage_manager	5.3.2
ibm	tivoli_storage_manager	5.3.2.4
ibm	tivoli_storage_manager	5.3.3
ibm	tivoli_storage_manager	5.3.4
ibm	tivoli_storage_manager	5.3.5.1
ibm	tivoli_storage_manager	5.3.6.1
ibm	tivoli_storage_manager	5.3.6.2
ibm	tivoli_storage_manager	5.3.6.3
ibm	tivoli_storage_manager	5.3.6.4
ibm	tivoli_storage_manager	5.3.6.5
ibm	tivoli_storage_manager	5.3.6.6
ibm	tivoli_storage_manager	5.4.0
ibm	tivoli_storage_manager	5.4.1
ibm	tivoli_storage_manager	5.5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2585495-DB97-429F-87AC-4C4E92DE305D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "801CCEC1-8DED-41C4-B6D2-38E4BEC74EA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263333E-DB86-41BE-A508-731079429E62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5F0611-DD8F-42A2-AFD7-1BCBD38BAB4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "25121FC4-9EE2-44AE-BEB3-02C3AB38DB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "93FCB242-C35B-4CDB-AE62-3CA5D312586B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "70016926-5776-4A04-8D55-5CA12D1DA9B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "930B5AE2-CA47-47D7-96DE-F2B9F70337C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FAA5227-C1F5-48C1-A207-096F228E305E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74B38E6A-86AA-4C35-AF3F-7F77DF647235",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "271A29AC-0890-495D-8DF7-2530CEAF6C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "43BE5332-C982-440A-A7AA-03B83415B444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "74E095D6-D6C9-4E21-9CBA-508D043C4286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD434E9-6D0E-4FDB-A39A-D9FAC7E825C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "22F74B9A-D31E-43E3-8A29-BFD09A9442F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E968D1-8198-4686-BFDD-8499CB435B56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "40A8E0C4-8509-4372-99C7-CFBA2100AEBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0ADAA69-B258-4666-9AB7-7965429EA497",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en traditional client scheduler en the client en IBM Tivoli Storage Manager (TSM) v5.3 anteriores a v5.3.6.7 y v5.4 anteriores a v5.4.2"
    }
  ],
  "id": "CVE-2009-3854",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-11-04T15:30:00.703",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32534"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023136"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC61058"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21405562"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC61058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21405562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3132"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-3854 (GCVE-0-2009-3854)

Vulnerability from cvelistv5

Published

2009-11-04 15:00