CVE-2010-3757
IBM Tivoli Storage Manager FastBack 5.5.0.0-5.5.6.0 & 6.1.0.0-6.1.0.1 - Remote Code Execution via Format String
Title source: llmDescription
Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | (pipe) character in a string. NOTE: this might overlap CVE-2010-3059.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-10-185/
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21443820
Vendor Advisory vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/514069/100/0/threaded
Scores
EPSS
0.0414
EPSS Percentile
89.6%
Details
CWE
CWE-78
Status
published
Products (10)
ibm/tivoli_storage_manager_fastback
5.5.0
ibm/tivoli_storage_manager_fastback
5.5.1
ibm/tivoli_storage_manager_fastback
5.5.2
ibm/tivoli_storage_manager_fastback
5.5.2.0
ibm/tivoli_storage_manager_fastback
5.5.3.0
ibm/tivoli_storage_manager_fastback
5.5.4.0
ibm/tivoli_storage_manager_fastback
5.5.5.0
ibm/tivoli_storage_manager_fastback
5.5.6.0
ibm/tivoli_storage_manager_fastback
6.1.0.0
ibm/tivoli_storage_manager_fastback
6.1.0.1
Published
Oct 05, 2010
Tracked Since
Feb 18, 2026