Websphere Mq@6.0.2.2 Security Vulnerabilities and Issues — Websphere Mq@6.0.2.2 CVE List

Lucene search

IbmWebsphere Mq6.0.2.2

9 matches found

CVE•added 2009/06/03 5:0 p.m.•85 views

CVE-2009-0896

Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request.

10CVSS7.9AI score0.25836EPSS

CVE•added 2009/09/10 6:30 p.m.•60 views

CVE-2009-3160

IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.

8.8CVSS6.6AI score0.00656EPSS

CVE•added 2009/02/24 5:30 p.m.•45 views

CVE-2009-0439

Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, and 7.0 before 7.0.0.2 allows local users to gain privileges via vectors related to the (1) setmqaut, (2) dmpmqaut, and (3) dspmqaut authorization commands.

7.2CVSS6.4AI score0.00068EPSS

CVE•added 2011/10/30 7:55 p.m.•45 views

CVE-2009-0905

IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.

1.7CVSS6.6AI score0.00047EPSS

CVE•added 2011/10/30 7:55 p.m.•42 views

CVE-2009-0900

Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition Table (CCDT) file.

4.1CVSS6.7AI score0.00052EPSS

CVE•added 2010/11/12 9:0 p.m.•42 views

CVE-2010-2637

IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not encrypt the username and password in the security parameters field, which allows remote attackers to obtain sensitive information by sniffing the network traffic from a .NET client application.

4.3CVSS6.3AI score0.00321EPSS

CVE•added 2011/01/12 1:0 a.m.•41 views

CVE-2011-0314

Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue.

6.5CVSS8AI score0.01446EPSS

CVE•added 2011/07/07 9:55 p.m.•37 views

CVE-2011-1224

IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application.

4.3CVSS6.4AI score0.00138EPSS

CVE•added 2010/10/20 6:0 p.m.•36 views

CVE-2010-0782

IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished Name (DN) value in a certificate.

4.3CVSS6.5AI score0.00102EPSS