CVE-2008-4563

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manager (TSM) Express version 5.3.7.3 and earlier IBM Tivoli Storage Manager (TSM) versions 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0

Description A heap-based buffer overflow issue exists in the adsmdll.dll file, which is used by the dsmsvc.exe daemon in the backup server. This issue allows remote attackers to execute arbitrary code via a crafted length value.

Recommendations For IBM Tivoli Storage Manager (TSM) Express version 5.3.7.3 and earlier, update to a version later than 5.3.7.3. For IBM Tivoli Storage Manager (TSM) version 5.2, update to a version later than 5.2. For IBM Tivoli Storage Manager (TSM) version 5.3, update to version 5.3.6.0 or later. For IBM Tivoli Storage Manager (TSM) versions 5.4.0.0 through 5.4.4.0, update to a version later than 5.4.4.0.