CVE-2009-3160

EUVD-2009-3143
IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_mq
6.0
ibmwebsphere_mq
6.0.0.0
ibmwebsphere_mq
6.0.1.0
ibmwebsphere_mq
6.0.1.1
ibmwebsphere_mq
6.0.2.0
ibmwebsphere_mq
6.0.2.1
ibmwebsphere_mq
6.0.2.2
ibmwebsphere_mq
6.0.2.3
ibmwebsphere_mq
6.0.2.4
ibmwebsphere_mq
6.0.2.5
ibmwebsphere_mq
6.0.2.6
ibmwebsphere_mq
6.0.2.7
ibmwebsphere_mq
7.0.0.0
ibmwebsphere_mq
7.0.0.1
ibmwebsphere_mq
7.0.0.2
ibmwebsphere_mq
7.0.1.0
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/36647
http://www-01.ibm.com/support/docview.wss?uid=swg24024153
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259
http://www.securityfocus.com/bid/36310
http://www.vupen.com/english/advisories/2009/2578
http://secunia.com/advisories/36647
http://www-01.ibm.com/support/docview.wss?uid=swg24024153
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259
http://www.securityfocus.com/bid/36310
http://www.vupen.com/english/advisories/2009/2578