CVE-2006-6309

2006-12-0620:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ibm

tivoli storage manager

tsm

array index errors

memory access

denial of service

cve-2006-6309

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.056 Low

EPSS

Percentile

93.2%

JSON

Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.

CPENameOperatorVersion
ibm:tivoli_storage_manageribm tivoli storage managereq5.3.1
ibm:tivoli_storage_manageribm tivoli storage managereq5.3.3
ibm:tivoli_storage_manageribm tivoli storage managereq5.3.0
ibm:tivoli_storage_manageribm tivoli storage managerle5.2.9
ibm:tivoli_storage_manageribm tivoli storage managereq5.3.2

CPE	Name	Operator	Version
ibm:tivoli_storage_manager	ibm tivoli storage manager	eq	5.3.1
ibm:tivoli_storage_manager	ibm tivoli storage manager	eq	5.3.3
ibm:tivoli_storage_manager	ibm tivoli storage manager	eq	5.3.0
ibm:tivoli_storage_manager	ibm tivoli storage manager	le	5.2.9
ibm:tivoli_storage_manager	ibm tivoli storage manager	eq	5.3.2