Websphere Mq@6.0.2.7 Security Vulnerabilities and Issues — Websphere Mq@6.0.2.7 CVE List

Lucene search

IbmWebsphere Mq6.0.2.7

3 matches found

CVE•added 2011/10/30 7:55 p.m.•42 views

CVE-2009-0905

IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.

1.7CVSS6.6AI score0.00049EPSS

CVE•added 2011/01/12 1:0 a.m.•39 views

CVE-2011-0314

Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue.

6.5CVSS8AI score0.01606EPSS

CVE•added 2011/07/07 9:55 p.m.•34 views

CVE-2011-1224

IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application.

4.3CVSS6.4AI score0.0012EPSS