CVE-2016-5985

The IBM Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a system crash.

Published: Feb 1, 2017
Updated: Apr 13, 2023
CVE: CVE-2016-5985
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ibm / tivoli_storage_manager	-	7.1.6.2.x
ibm / tivoli_storage_manager	7.1.0.0	7.1.0.0.x
ibm / tivoli_storage_manager	-	6.4.3.3.x
ibm / tivoli_storage_manager	6.4.0.0	6.4.0.0.x
ibm / tivoli_storage_manager	-	6.3.2.5.x
ibm / tivoli_storage_manager	6.3.0.0	6.3.0.0.x
ibm / tivoli_storage_manager	-	6.1.x
ibm / tivoli_storage_manager	-	6.2.x
ibm / tivoli_storage_manager	-	5.5.x

http://www.ibm.com/support/docview.wss?uid=swg21993695
http://www.securityfocus.com/bid/94808

Vulnerability Database

CVE-2016-5985