CVE-2011-0314Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Websphere MQ

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
1.6%
top 18.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere MQ
Timeline
PublishedJan 12
Latest updateMay 17

Description

Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

NVDibm/websphere_mq23 versions+22

🔴Vulnerability Details

2
GHSA
GHSA-h6ph-4xc6-hpjh: Heap-based buffer overflow in IBM WebSphere MQ 62022-05-17
CVEList
CVE-2011-0314: Heap-based buffer overflow in IBM WebSphere MQ 62011-01-12
CVE-2011-0314 — IBM Websphere MQ vulnerability | cvebase