CVE-2009-3855

critical

Description

Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors.

References

http://www.vupen.com/english/advisories/2009/3132

http://www-01.ibm.com/support/docview.wss?uid=swg21405562

http://www-01.ibm.com/support/docview.wss?uid=swg1IC54489

http://secunia.com/advisories/32534

Details

Source: Mitre, NVD

Published: 2009-11-04

Updated: 2009-11-18

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical