CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2009-3160
https://notcve.org/view.php?id=CVE-2009-3160
10 Sep 2009 — IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue. IBM WebSphere MQ v6.x desde v6.0.2.7, v7.0.0.0, v7.0.0.1, v7.0.0.2, y v7.0.1.0, cuando "read ahead" o "asynchronous message consumption" esta activado, permite a atacantes remotos obtener un impacto desconocido a traves de vectores desconocidos, relacionado con l... • http://secunia.com/advisories/36647 •
CVSS: 10.0EPSS: 20%CPEs: 14EXPL: 0CVE-2009-0896
https://notcve.org/view.php?id=CVE-2009-0896
03 Jun 2009 — Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request. Desbordamiento de búfer en el gestor de cola en IBM WebSphere MQ v6.x anterior a v6.0.2.7 y v7.x anterior a v7.0.1.0, permite a atacantes remotos ejecutar código de su elección a través de una petición manipulada. • http://secunia.com/advisories/35303 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2009-0439
https://notcve.org/view.php?id=CVE-2009-0439
24 Feb 2009 — Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, and 7.0 before 7.0.0.2 allows local users to gain privileges via vectors related to the (1) setmqaut, (2) dmpmqaut, and (3) dspmqaut authorization commands. Vulnerabilidad no especificada en el gestor de cola de IBM WebSphere MQ (WMQ) v5.3, v6.0 anterior a v6.0.2.6 y v7.0 anterior a v7.0.0.2; permite a usuarios locales obtener privilegios a través de vectores relacionados con los comandos de autorización (1) se... • http://osvdb.org/52297 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-6705
https://notcve.org/view.php?id=CVE-2007-6705
09 Mar 2008 — The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly hijack an arbitrary process. El cliente WebSphere MQ XA 5.3 antes de FP13 y 6.0.x antes de 6.0.2.1 para Windows, cuando se ejecuta en un entorno MTS o COM+, garantiza el privilegio PROCESS_DUP_HANDLE al grupo Everyon... • http://osvdb.org/43167 • CWE-264: Permissions, Privileges, and Access Controls •