Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Websphere_mq
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 89 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2011-07-07 | CVE-2011-1224 | IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application. | Websphere_mq | N/A | ||
| 2011-01-12 | CVE-2011-0314 | Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue. | Websphere_mq | N/A | ||
| 2011-01-13 | CVE-2011-0310 | Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message. | Websphere_mq | N/A | ||
| 2010-11-15 | CVE-2010-2638 | Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 allows remote authenticated users to cause a denial of service (disk consumption) via vectors that trigger an FDC with an RM680004 Probe Id value. | Websphere_mq | N/A | ||
| 2010-11-12 | CVE-2010-2637 | IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not encrypt the username and password in the security parameters field, which allows remote attackers to obtain sensitive information by sniffing the network traffic from a .NET client application. | Websphere_mq | N/A | ||
| 2010-10-20 | CVE-2010-0782 | IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished Name (DN) value in a certificate. | Websphere_mq | N/A | ||
| 2011-10-29 | CVE-2010-0780 | IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a denial of service (disk consumption) via multiple connection attempts to a stopped queue manager. | Websphere_mq | N/A | ||
| 2010-04-27 | CVE-2010-0772 | Unspecified vulnerability in the channel process in IBM WebSphere MQ 7.0 before 7.0.1.2 allows remote authenticated users to cause a denial of service (daemon crash) via "incorrect channel control data." | Websphere_mq | N/A | ||
| 2009-09-10 | CVE-2009-3161 | The server in IBM WebSphere MQ 7.0.0.1, 7.0.0.2, and 7.0.1.0 allows attackers to cause a denial of service (trap) or possibly have unspecified other impact via malformed data. | Websphere_mq | N/A | ||
| 2009-09-10 | CVE-2009-3160 | IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue. | Websphere_mq | N/A |