CVE-2019-4267

Published: Jul 22, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerable to a buffer overflow. This could allow execution of arbitrary code on the local system or the application to crash. IBM X-Force ID: 160200.

Affected (2)

Products: Ibm: Spectrum Protect

Ibm

1 product

Spectrum Protect

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Spectrum Protect	From 7.1.0.0 to 7.1.8.6
Ibm Spectrum Protect	From 8.1.0.0 to 8.1.8.0

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (4)

http://www.ibm.com/support/docview.wss?uid=ibm10884768

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/160200

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

http://www.ibm.com/support/docview.wss?uid=ibm10884768

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/160200

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

Timeline

No history available yet.