CVE-2009-0900
IBM WebSphere MQ 6.0-6.0.2.6 and 7.0-7.0.0.9 - Local Privilege Escalation via Crafted SSL Information in CCDT File
Title source: llmDescription
Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition Table (CCDT) file.
References (2)
Core 2
Core References
Various Sources vendor-advisory
x_refsource_aixapar
http://www.ibm.com/support/docview.wss?uid=swg1IC59375
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/51038
Scores
EPSS
0.0032
EPSS Percentile
24.1%
Details
CWE
CWE-119
Status
published
Products (14)
ibm/websphere_mq
6.0
ibm/websphere_mq
6.0.1.0
ibm/websphere_mq
6.0.1.1
ibm/websphere_mq
6.0.2.0
ibm/websphere_mq
6.0.2.1
ibm/websphere_mq
6.0.2.2
ibm/websphere_mq
6.0.2.3
ibm/websphere_mq
6.0.2.4
ibm/websphere_mq
6.0.2.5
ibm/websphere_mq
6.0.2.6
... and 4 more
Published
Oct 30, 2011
Tracked Since
Feb 18, 2026