CVE-2011-1315 — Missing Release of Memory after Effective Lifetime in IBM Websphere Application Server

CWE-3993 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.8%
top 25.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedMar 8
Latest updateMay 17

Description

Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to cause a denial of service (memory consumption) via network connections associated with a NULL return value from a synchronous JMS receive call.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDibm/websphere_application_server7.0.0.13+138

🔴Vulnerability Details

2
GHSA
GHSA-rcjj-rr24-fgwm: Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7↗2022-05-17
â–¶
CVEList
CVE-2011-1315: Memory leak in the messaging engine in IBM WebSphere Application Server (WAS) before 7↗2011-03-08
â–¶
CVE-2011-1315 — IBM vulnerability | cvebase