CVE-2009-0896

Опубликовано: 03 июн. 2009

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request.

Ссылки

http://secunia.com/advisories/35303
Vendor Advisory
http://securitytracker.com/id?1022311
http://www-01.ibm.com/support/docview.wss?uid=swg21386826
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ50784
http://www.securityfocus.com/bid/35170
http://www.vupen.com/english/advisories/2009/1463
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/50641
http://secunia.com/advisories/35303
Vendor Advisory
http://securitytracker.com/id?1022311
http://www-01.ibm.com/support/docview.wss?uid=swg21386826
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ50784
http://www.securityfocus.com/bid/35170
http://www.vupen.com/english/advisories/2009/1463
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/50641

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_mq:6.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:6.0.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.22775

Средний

10 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-hjvf-5wjr-24jf

github

почти 4 года назад