IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with access to the files storing CECSUB or CECRM on the container could overflow the buffer and execute arbitrary code on the system.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7247224 |
![]() ![]() |
History
Thu, 16 Oct 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ibm infosphere Data Replication Vsam For Z\/os Remote Source
|
|
CPEs | cpe:2.3:a:ibm:infosphere_data_replication_vsam_for_z\/os_remote_source:11.4:*:*:*:*:*:*:* | |
Vendors & Products |
Ibm infosphere Data Replication Vsam For Z\/os Remote Source
|
Tue, 07 Oct 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 07 Oct 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with access to the files storing CECSUB or CECRM on the container could overflow the buffer and execute arbitrary code on the system. | |
Title | IBM InfoSphere Data Replication VSAM for z/OS Remote Source code execution | |
First Time appeared |
Ibm
Ibm infosphere Data Replication |
|
Weaknesses | CWE-119 | |
CPEs | cpe:2.3:a:ibm:infosphere_data_replication:11.4:*:*:*:*:*:*:* | |
Vendors & Products |
Ibm
Ibm infosphere Data Replication |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published: 2025-10-07T17:36:57.964Z
Updated: 2025-10-08T03:55:22.946Z
Reserved: 2025-04-15T21:16:20.813Z
Link: CVE-2025-36156

Updated: 2025-10-07T18:12:54.154Z

Status : Analyzed
Published: 2025-10-07T18:15:59.167
Modified: 2025-10-16T17:44:10.913
Link: CVE-2025-36156

No data.