CVE-2009-3160 — IBM Websphere MQ vulnerability

4 documents4 sources

Severity

8.8HIGHNVD

EPSS

0.6%

top 29.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere MQ

Timeline

PublishedSep 10

Latest updateMay 2

Description

IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.

CVSS vector

AV:N/AC:M/C:N/I:C/A:CExploitability: 8.6 | Impact: 9.2

Affected Packages1 packages

▶NVDibm/websphere_mq17 versions+16

Patches

Patch: www-01.ibm.com ↗Patch: www.vupen.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-vgcq-wc9x-jmjv: IBM WebSphere MQ 6↗2022-05-02

▶

CVEList

CVE-2009-3160: IBM WebSphere MQ 6↗2009-09-10

▶

💥Exploits & PoCs

Exploit-DB

EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities↗2009-10-01

▶