CVE-2009-3160

Severity

88%

Complexity

86%

Confidentiality

153%

IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.

IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.

CVSS 2.0 Base Score 8.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:C/A:C).

Overview

Type

IBM WebSphere MQ

First reported 15 years ago

2009-09-10 18:30:00

Last updated 15 years ago

2009-10-01 05:24:00

Affected Software

IBM WebSphere MQ 6.0

6.0

IBM WebSphere MQ 6.0.1.0

6.0.1.0

IBM WebSphere MQ 6.0.1.1

6.0.1.1

IBM WebSphere MQ 6.0.2.0

6.0.2.0

IBM WebSphere MQ 6.0.2.1

6.0.2.1

IBM WebSphere MQ 6.0.2.2

6.0.2.2

IBM WebSphere MQ 6.0.2.3

6.0.2.3

IBM WebSphere MQ 6.0.2.4

6.0.2.4

IBM WebSphere MQ 6.0.2.5

6.0.2.5

IBM WebSphere MQ 6.0.2.6

6.0.2.6

IBM WebSphere MQ 6.0.2.7

6.0.2.7

IBM WebSphere MQ 7.0.0.1

7.0.0.1

IBM WebSphere MQ 7.0.0.2

7.0.0.2

IBM WebSphere MQ 7.0.1.0

7.0.1.0

References

36647

Vendor Advisory

36310

ADV-2009-2578

Patch, Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg24024153

Patch, Vendor Advisory

IZ56259

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.