CVE-2007-4880

Sažetak

Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.

Reference

http://osvdb.org/38161
http://secunia.com/advisories/26883
http://securityreason.com/securityalert/3184
http://www.securityfocus.com/archive/1/480492
http://www.securityfocus.com/bid/25743
http://www.securitytracker.com/id?1018725
http://www.vupen.com/english/advisories/2007/3228
http://www.zerodayinitiative.com/advisories/ZDI-07-054.html
http://www-1.ibm.com/support/docview.wss?uid=swg21268775
http://www-1.ibm.com/support/search.wss?rs=0&q=IC52905&apar=only
https://exchange.xforce.ibmcloud.com/vulnerabilities/36700

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-07-2017 - 01:33

Objavljeno

28-09-2007 - 00:17