The host is installed with IBM Tivoli Storage Manager before 5.4.3.4 or 5.5.x before 5.5.3 or 6.x before 6.1.4 or 6.2.x before 6.2.2 and is prone to buffer overflow vulnerability. A flaw is present in the application which fails to handle Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client. Successful exploitation could allow local users to gain privileges via unspecified vectors.