CVE-2011-0314

IBM WebSphere MQ 6.0-6.0.2.10 and 7.0-7.0.1.4 - Authenticated Heap-based Buffer Overflow

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45801
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64550
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ81294
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42941

Scores

EPSS 0.0296
EPSS Percentile 85.6%

Details

CWE
CWE-119
Status published
Products (23)
ibm/websphere_mq 6.0
ibm/websphere_mq 6.0.1.0
ibm/websphere_mq 6.0.1.1
ibm/websphere_mq 6.0.2.0
ibm/websphere_mq 6.0.2.1
ibm/websphere_mq 6.0.2.2
ibm/websphere_mq 6.0.2.3
ibm/websphere_mq 6.0.2.4
ibm/websphere_mq 6.0.2.5
ibm/websphere_mq 6.0.2.6
... and 13 more
Published Jan 12, 2011
Tracked Since Feb 18, 2026