Total
89 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-3159 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 7.8 HIGH | N/A |
Unspecified vulnerability in the rriDecompress function in IBM WebSphere MQ 7.0.0.0, 7.0.0.1, and 7.0.0.2 allows remote attackers to cause a denial of service via unknown vectors. | |||||
CVE-2009-0905 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 1.7 LOW | N/A |
IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring. | |||||
CVE-2009-0900 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 4.1 MEDIUM | N/A |
Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition Table (CCDT) file. | |||||
CVE-2009-0896 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 10.0 HIGH | N/A |
Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request. | |||||
CVE-2009-0439 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 7.2 HIGH | N/A |
Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, and 7.0 before 7.0.0.2 allows local users to gain privileges via vectors related to the (1) setmqaut, (2) dmpmqaut, and (3) dspmqaut authorization commands. | |||||
CVE-2008-1592 | 3 Hp, Ibm, Tandem Computers | 3 Nonstop, Websphere Mq, Tandem Operating System | 2024-11-21 | 4.6 MEDIUM | N/A |
MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels." | |||||
CVE-2008-1130 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 6.6 MEDIUM | N/A |
Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and 5.3 before Fix Pack 14 allows attackers to bypass access restrictions for a queue manager via a SVRCONN (MQ client) channel. | |||||
CVE-2007-6705 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 3.3 LOW | N/A |
The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly hijack an arbitrary process. | |||||
CVE-2007-6044 | 1 Ibm | 1 Websphere Mq | 2024-11-21 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in IBM WebSphere MQ 6.0 have unknown impact and remote attack vectors involving "memory corruption." NOTE: as of 20071116, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. |