1. CVE-Search
  2. CVE-2009-3160
ID CVE-2009-3160
Summary IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:websphere_mq:6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:6.0.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:6.0.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:7.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:7.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:7.0.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:7.0.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:7.0.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:7.0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:websphere_mq:7.0.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:websphere_mq:7.0.1.0:*:*:*:*:*:*:*
CVSS
Base: 8.8 (as of 01-10-2009 - 05:24)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:C/A:C
refmap via4
aixapar IZ56259
bid 36310
confirm http://www-01.ibm.com/support/docview.wss?uid=swg24024153
secunia 36647
vupen ADV-2009-2578
Last major update 01-10-2009 - 05:24
Published 10-09-2009 - 18:30
Last modified 01-10-2009 - 05:24
Back to Top