CVE-2009-3853

Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
ibmtivoli_storage_manager
5.2.5.3
ibmtivoli_storage_manager
5.3
ibmtivoli_storage_manager
5.3.0
ibmtivoli_storage_manager
5.3.1
ibmtivoli_storage_manager
5.3.2
ibmtivoli_storage_manager
5.3.2.4
ibmtivoli_storage_manager
5.3.3
ibmtivoli_storage_manager
5.3.3
ibmtivoli_storage_manager
5.3.4
ibmtivoli_storage_manager
5.3.4
ibmtivoli_storage_manager
5.3.5
ibmtivoli_storage_manager
5.3.5.1
ibmtivoli_storage_manager
5.3.6
ibmtivoli_storage_manager
5.3.6.1
ibmtivoli_storage_manager
5.3.6.2
ibmtivoli_storage_manager
5.3.6.3
ibmtivoli_storage_manager
5.3.6.4
ibmtivoli_storage_manager
5.3.6.5
ibmtivoli_storage_manager
5.3.6.6
ibmtivoli_storage_manager
5.3.6.6
ibmtivoli_storage_manager
5.4.0
ibmtivoli_storage_manager
5.4.1
ibmtivoli_storage_manager
5.4.2
ibmtivoli_storage_manager
5.5.0
ibmtivoli_storage_manager
5.5.1
ibmtivoli_storage_manager
5.5.2
ibmtivoli_storage_manager
6.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32534
http://secunia.com/secunia_research/2008-51/
http://securitytracker.com/id?1023136
http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036
http://www-01.ibm.com/support/docview.wss?uid=swg21405562
http://www.securityfocus.com/archive/1/507654/100/0/threaded
http://www.vupen.com/english/advisories/2009/3132
http://secunia.com/advisories/32534
http://secunia.com/secunia_research/2008-51/
http://securitytracker.com/id?1023136
http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036
http://www-01.ibm.com/support/docview.wss?uid=swg21405562
http://www.securityfocus.com/archive/1/507654/100/0/threaded
http://www.vupen.com/english/advisories/2009/3132