cve/2019/CVE-2019-4087.md

### [CVE-2019-4087](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-4087)
![](https://img.shields.io/static/v1?label=Product&message=Spectrum%20Protect&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=7.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Gain%20Privileges&color=brightgreen)

### Description

IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly long request, a remote attacker could overflow a buffer and execute arbitrary code on the system with instance id privileges or cause the server or storage agent to crash. IBM X-Force ID: 157510.

### POC

#### Reference
- http://www.ibm.com/support/docview.wss?uid=ibm10882472

#### Github
No PoCs found on GitHub currently.