CVE-2011-1223

IBM Tivoli Storage Manager < 5.4.3.4, 5.5.x < 5.5.3, 6.x < 6.1.4, 6.2.x < 6.2.2 - Local Privilege Escalation

Title source: llm
STIX 2.1

Description

Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows allows local users to gain privileges via unspecified vectors.

References (5)

Core 5
Core References
Various Sources x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21457604
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/48519
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1025741
Various Sources vendor-advisory x_refsource_aixapar
http://www.ibm.com/support/docview.wss?uid=swg1IC77052
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45098

Scores

EPSS 0.0039
EPSS Percentile 31.5%

Details

CWE
CWE-119
Status published
Products (32)
ibm/tivoli_storage_manager 4.2
ibm/tivoli_storage_manager 4.2.1
ibm/tivoli_storage_manager 5.1.8
ibm/tivoli_storage_manager 5.2.5.1
ibm/tivoli_storage_manager 5.2.7
ibm/tivoli_storage_manager 5.2.8
ibm/tivoli_storage_manager 5.2.9
ibm/tivoli_storage_manager 5.3.0
ibm/tivoli_storage_manager 5.3.1
ibm/tivoli_storage_manager 5.3.2
... and 22 more
Published Jul 17, 2011
Tracked Since Feb 18, 2026