Advisories
Vulnerability Database
PoC
Viruses
Research Lab

CVE-2008-4563


Published: 11-03-2009
Updated: 18-03-2009

Product:
ibm: tivoli_storage_manager_express 5.3
ibm: tivoli_storage_manager_express 5.3.7.3
ibm: tivoli_storage_manager 5.2.5.2
ibm: tivoli_storage_manager 5.2.5.3
ibm: tivoli_storage_manager 5.2.7
ibm: tivoli_storage_manager 5.2.8
ibm: tivoli_storage_manager 5.2.9
ibm: tivoli_storage_manager 5.3
ibm: tivoli_storage_manager 5.3.0
ibm: tivoli_storage_manager 5.3.1
ibm: tivoli_storage_manager 5.3.2
ibm: tivoli_storage_manager 5.3.2.4
ibm: tivoli_storage_manager 5.3.3
ibm: tivoli_storage_manager 5.3.4
ibm: tivoli_storage_manager 5.3.5.1
ibm: tivoli_storage_manager 5.3.6.1
ibm: tivoli_storage_manager 5.3.6.2
ibm: tivoli_storage_manager 5.4
ibm: tivoli_storage_manager 5.4.2.2
ibm: tivoli_storage_manager 5.4.2.3
ibm: tivoli_storage_manager 5.4.2.4
ibm: tivoli_storage_manager 5.4.4.0

Severity: High (10.0)

CVSS vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Potential loss type: Gain administrative access, Integrity, Confidentiality, Availability

Vulnerability description:
Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.

Patch available: Yes

References:
CONFIRM: http://www-01.ibm.com/support/docview.wss?uid=swg21377388
XF: http://xforce.iss.net/xforce/xfdb/49188
VUPEN: http://www.vupen.com/english/advisories/2009/0669
BID: http://www.securityfocus.com/bid/34077
SECTRACK: http://securitytracker.com/id?1021837
SECUNIA: http://secunia.com/advisories/34245
OSVDB: http://osvdb.org/52617
IDEFENSE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=7 ...
FULLDISC: http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0192.htm ...

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities th ...

02 september, 2010

Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities

Cisco Unified Presence contains two denial of service (DoS) vulnerabilities that affect the ...

02 september, 2010

Cisco Security Advisory: Cisco IOS Software TCP Denial of Service Vulnerability

Cisco IOS Software Release, 15.1(2)T is affected by a denial of service (DoS) vulner ...

13 august, 2010

MS10-060: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)

This security update resolves two privately reported vulnerabilities in Microsoft .NET Framework and ...

11 august, 2010

MS10-059: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799)

This security update resolves one publicly disclosed vulnerability and one privately reported vulner ...

11 august, 2010

MS10-058: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)

This security update resolves two privately reported vulnerabilities in Microsoft Windows. The more ...

11 august, 2010

CVE-2010-3197

IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unspecified vectors.

National Vulnerability Database 31 august, 2010

CVE-2010-3196

IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view.

National Vulnerability Database 31 august, 2010

CVE-2010-3195

Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration."

National Vulnerability Database 31 august, 2010

CVE-2010-3194

The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended file access restrictions via unspecified vectors related to overwriting files owned by an instance owner.

National Vulnerability Database 31 august, 2010

CVE-2010-3193

Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 has unknown impact and attack vectors.

National Vulnerability Database 31 august, 2010

CVE-2010-2365

Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

National Vulnerability Database 31 august, 2010

CVE-2010-2364

Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

National Vulnerability Database 31 august, 2010

CVE-2010-3191

Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .cptx file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

National Vulnerability Database 31 august, 2010

CVE-2010-3190

Untrusted search path vulnerability in ATL MFC Trace Tool (AtlTraceTool8.exe), as used in Microsoft Visual Studio, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a TRC, cur, rs, rct, or res file.

National Vulnerability Database 31 august, 2010

CVE-2010-3189

The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.

National Vulnerability Database 31 august, 2010

CVE-2010-3188

SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via a custom field to the search page.

National Vulnerability Database 31 august, 2010

CVE-2010-1818

The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshaling of an untrusted pointer.

National Vulnerability Database 31 august, 2010

CVE-2010-3035

Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.

National Vulnerability Database 30 august, 2010

CVE-2010-2712

Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.

National Vulnerability Database 30 august, 2010

CVE-2010-2575

Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.

National Vulnerability Database 30 august, 2010
Search
Sun Microsystems

This Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product

This Sun Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product.

14 april, 2010

This Alert Covers CVE-2010-0893 for the Mail Component of the Sun Convergence Product

This Alert covers CVE-2010-0893 for the mail component of the Sun Convergence product.

14 april, 2010

SunOS 5.10_x86: ucode driver patch

6905530 processor microcode code can panic when retrieving microcode revision.

02 february, 2010

Red Hat

[RHSA-2010:0670-01] Important: kernel security and bug fix update

Red Hat Security Advisory - Important: kernel security and bug fix update

02 september, 2010

[RHSA-2010:0661-01] Important: kernel security update

Red Hat Security Advisory - Important: kernel security update

30 august, 2010

[RHSA-2010:0660-01] Important: kernel security and bug fix update

Red Hat Security Advisory - Important: kernel security and bug fix update

30 august, 2010

╨ю╤

Microsoft Windows XP Indeo Filter DLL Hijacking PoC

Target: Microsoft Windows XP
Impact: Code execution

avast! <= 5.0.594 license files DLL Hijacking Exploit (mfc90loc.dll)

Target: avast! 5.0.594 and previous versions
Impact: Code execution

Windows Live Mail DLL Hijacking Exploit (dwmapi.dll)

Target: Windows Live Mail
Impact: Code execution

AdvertismentAbout ProjectContact UsCopyrightExportRSSMy SettingsMap