Unrated severityNVD Advisory· Published Mar 11, 2009· Updated Apr 23, 2026

CVE-2008-4563

Description

Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.

Affected products

IBM/Tivoli Storage Manager16 versions
cpe:2.3:a:ibm:tivoli_storage_manager:5.2:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:ibm:tivoli_storage_manager:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.4.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager:5.4.4.0:*:*:*:*:*:*:*
IBM/Tivoli Storage Manager Express4 versions
cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_storage_manager_express:5.3.7.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
secunia.com/advisories/34245nvdVendor Advisory
www.vupen.com/english/advisories/2009/0669nvdVendor Advisory
archives.neohapsis.com/archives/fulldisclosure/2009-03/0192.htmlnvd
labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
osvdb.org/52617nvd
securitytracker.com/idnvd
www.securityfocus.com/bid/34077nvd
exchange.xforce.ibmcloud.com/vulnerabilities/49188nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.026
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000