CVE-2007-4880

Severity CVSS v4.0:
Pending analysis
Type:
CWE-119 Buffer Errors
Publication date:
28/09/2007
Last modified:
09/04/2025

Description

Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager_client:5.4.1.1:*:*:*:*:*:*:*