Vulnerability Details CVE-2009-3160
IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.1%
CVSS Severity
CVSS v2 Score 8.8
References
- http://secunia.com/advisories/36647
- http://www-01.ibm.com/support/docview.wss?uid=swg24024153
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259
- http://www.securityfocus.com/bid/36310
- http://www.vupen.com/english/advisories/2009/2578
- http://secunia.com/advisories/36647
- http://www-01.ibm.com/support/docview.wss?uid=swg24024153
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259
- http://www.securityfocus.com/bid/36310
- http://www.vupen.com/english/advisories/2009/2578
Products affected by CVE-2009-3160
-
cpe:2.3:a:ibm:websphere_mq:6
-
cpe:2.3:a:ibm:websphere_mq:6.0
-
cpe:2.3:a:ibm:websphere_mq:6.0.0.0
-
cpe:2.3:a:ibm:websphere_mq:6.0.1.0
-
cpe:2.3:a:ibm:websphere_mq:6.0.1.1
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.0
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.1
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.2
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.3
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.4
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.5
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.6
-
cpe:2.3:a:ibm:websphere_mq:6.0.2.7
-
cpe:2.3:a:ibm:websphere_mq:7.0.0.0
-
cpe:2.3:a:ibm:websphere_mq:7.0.0.1
-
cpe:2.3:a:ibm:websphere_mq:7.0.0.2
-
cpe:2.3:a:ibm:websphere_mq:7.0.1.0