CVE-2011-1223

high

Description

Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows allows local users to gain privileges via unspecified vectors.

References

http://www.securityfocus.com/bid/48519

http://www.ibm.com/support/docview.wss?uid=swg21457604

http://www.ibm.com/support/docview.wss?uid=swg1IC77052

http://securitytracker.com/id?1025741

http://secunia.com/advisories/45098

Details

Source: Mitre, NVD

Published: 2011-07-17

Updated: 2011-07-19

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High