9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Open Source zlib is vulnerable to a denial of service. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVEID: CVE-2016-9840**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by out-of-bounds pointer arithmetic in inftrees.c. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120508 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-9841**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by out-of-bounds pointer arithmetic in inftrees.c. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120509 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-9842**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by an undefined left shift of negative number. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120510 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-9843**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by a big-endian out-of-bounds pointer. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120511 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
IBM WebSphere MQ V7.1
IBM WebSphere MQ 7.1.0.0 - 7.1.0.8 maintenance levels
IBM WebSphere MQ V7.5
IBM WebSphere MQ 7.5.0.0 - 7.5.0.7 maintenance levels
IBM MQ V8
IBM MQ 8.0.0.0 - 8.0.0.6 maintenance levels
IBM MQ Appliance V8
IBM MQ Appliance 8.0.0.0 - 8.0.0.6 maintenance levels
IBM MQ V9 LTS
IBM MQ V9.0.0.0 only
IBM MQ V9 CD
IBM MQ V9.0.1 and V9.0.2
IBM MQ Appliance V9 CD
IBM MQ Appliance V9.0.1 and V9.0.2
IBM WebSphere MQ V7.1
IBM WebSphere MQ V7.5
IBM MQ V8
IBM MQ Appliance V8
Apply Fix Pack 8.0.0.7 for MQ Appliance
IBM MQ V9 LTS
IBM MQ V9 CD
IBM MQ Appliance V9 CD
Upgrade to IBM MQ Appliance 9.0.3
All Versions
Disable Channel Compression
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P