CVE-2011-1223

CWE-119 — Buffer Overflow3 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 84.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Tivoli Storage Manager

Timeline

PublishedJul 17

Latest updateMay 17

Description

Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows allows local users to gain privileges via unspecified vectors.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/tivoli_storage_manager5.4.3.3+31

🔴Vulnerability Details

GHSA

GHSA-x7pg-vc3g-6r22: Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM)↗2022-05-17

▶

CVEList

CVE-2011-1223: Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM)↗2011-07-17

▶