CyberSec.Space Logo
Back to CVE Browser

CVE-2007-4880

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile33.49th
PublishedSep 28, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.

Affected Platforms (CPE)

πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.1
πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.1.8.0
πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.2
πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.2.5.1
πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.3
πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.3.5.2
πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.4
πŸ“¦
Ibm

Tivoli Storage Manager Client

= 5.4.1.1

References & Advisories

πŸ”— http://osvdb.org/38161
πŸ”— http://secunia.com/advisories/26883
πŸ”— http://securityreason.com/securityalert/3184
πŸ”— http://www-1.ibm.com/support/docview.wss?uid=swg21268775
πŸ”— http://www-1.ibm.com/support/search.wss?rs=0&q=IC52905&apar=only
πŸ”— http://www.securityfocus.com/archive/1/480492
πŸ”— http://www.securityfocus.com/bid/25743
πŸ”— http://www.securitytracker.com/id?1018725

Related Vulnerabilities

CVE-2008-480110.0

Heap-based buffer overflow in the Data Protection for SQL CAD service (aka dsmcat.exe) in the Client Acceptor Daemon (CAD) and the...

CVE-2008-482810.0

Multiple stack-based buffer overflows in dsmagent.exe in the Remote Agent Service in the IBM Tivoli Storage Manager (TSM) client 5...

CVE-2009-152010.0

Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5....

CVE-2009-086910.0

Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0....