IBM WebSphere MQ Man-in-the-Middle Hijacking Vulnerability

IBM WebSphere MQ is a messaging middleware product from IBM, USA. IBM WebSphere MQ sends cryptographic data in clear text over the network, allowing remote attackers to exploit the vulnerability to sniff the network for sensitive information...

Design/Logic Flaw

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference : 1998649...

CVE-2016-8915

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference : 1998649...

CVE-2016-8986

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference : 1998648...

CVE-2016-8986

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference : 1998648...

CVE-2016-8986

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference : 1998648...

CVE-2016-8915

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference : 1998649...

CVE-2017-3417

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3416

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3415

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3416

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

Buffer overflow

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3417

CVE-2017-3417 affects Oracle E-Business Suite’s Oracle Universal Work Queue (User Interface) . Affected versions: 12.1.1–12.1.3, 12.2.3–12.2.6. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise the Work Queue, with attacks requiring user interaction....

CVE-2017-3416

The CVE-2017-3416 entry describes a vulnerability in Oracle E-Business Suite’s Oracle Universal Work Queue (UQ) UI. Affected versions are 12.1.1–12.2.6. The flaw is exploitable by an unauthenticated attacker who can reach the UQ over HTTP; however, successful exploitation requires human interacti...

CVE-2017-3416

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVE-2017-3415

CVE-2017-3415 affects Oracle E-Business Suite, specifically the Oracle Universal Work Queue component (UI subcomponent). Affected versions are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6. The vulnerability allows an unauthenticated attacker, with network access over HTTP, to compro...

CVE-2017-3416

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite subcomponent: User Interface. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network...

UBUNTU-CVE-2016-7938

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1printframe...

CVE-2017-3803

A vulnerability in the Cisco IOS Software forwarding queue of Cisco 2960X and 3750X switches could allow an unauthenticated, adjacent attacker to cause a memory leak in the software forwarding queue that would eventually lead to a partial denial of service DoS condition. More Information:...

Oracle E-Business Suite Remote Vulnerability (CNVD-2017-00964)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. Oracle Universal Work Queue is one of the universal work queue component. A remote vulnerability exists in the Oracle Universal Work Queue component o...