CVE-2007-4880 Information

Description

Buffer overflow in the Client Acceptor Daemon (CAD) dsmcad.exe in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1 5.2 before 5.2.5.2 5.3 before 5.3.5.3 and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers aka IC52905.

Reference

http://osvdb.org/38161 http://secunia.com/advisories/26883 http://securityreason.com/securityalert/3184 http://www.securityfocus.com/archive/1/480492 http://www.securityfocus.com/bid/25743 http://www.securitytracker.com/id?1018725 http://www.vupen.com/english/advisories/2007/3228 http://www.zerodayinitiative.com/advisories/ZDI-07-054.html http://www-1.ibm.com/support/docview.wss?uid=swg21268775 http://www-1.ibm.com/support/search.wss?rs=0&q=IC52905&apar=only https://exchange.xforce.ibmcloud.com/vulnerabilities/36700