CVE-2009-1520

Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5.5.1.17 allows attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors.

Published: May 5, 2009
Updated: Nov 9, 2025
CVE: CVE-2009-1520
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ibm / tivoli_storage_manager_client	5.2.5.2	5.2.5.2.x
ibm / tivoli_storage_manager_client	5.1	5.1.x
ibm / tivoli_storage_manager_express	5.3.6.4	5.3.6.4.x
ibm / tivoli_storage_manager_client	5.3.6.3	5.3.6.3.x
ibm / tivoli_storage_manager_client	5.4.1.2	5.4.1.2.x
ibm / tivoli_storage_manager_express	5.3.3.0	5.3.3.0.x
ibm / tivoli_storage_manager_client	5.3	5.3.x
ibm / tivoli_storage_manager_client	5.4.1.1	5.4.1.1.x
ibm / tivoli_storage_manager_client	5.2.5.1	5.2.5.1.x
ibm / tivoli_storage_manager_client	5.1.8.2	5.1.8.2.x
ibm / tivoli_storage_manager_client	5.2.5.3	5.2.5.3.x
ibm / tivoli_storage_manager_client	5.4.1.96	5.4.1.96.x
ibm / tivoli_storage_manager_client	5.2	5.2.x
ibm / tivoli_storage_manager_client	5.3.5.3	5.3.5.3.x
ibm / tivoli_storage_manager_client	5.4	5.4.x
ibm / tivoli_storage_manager_client	5.3.5.2	5.3.5.2.x
ibm / tivoli_storage_manager_client	5.1.8.0	5.1.8.0.x
ibm / tivoli_storage_manager_express	5.3	5.3.x
ibm / tivoli_storage_manager_client	5.3.6.4	5.3.6.4.x

Vulnerability Database

308,681

CVE-2009-1520

Deep Security Visibility Without the Complexity