Vulnerabilities > IBM > Websphere MQ > 6.0.2.0

DATE CVE VULNERABILITY TITLE RISK
2009-06-03 CVE-2009-0896 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Websphere MQ
Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request.
network
low complexity
ibm CWE-119
critical
 10.0
10
2009-02-24 CVE-2009-0439 Permissions, Privileges, and Access Controls vulnerability in IBM Websphere MQ
Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, and 7.0 before 7.0.0.2 allows local users to gain privileges via vectors related to the (1) setmqaut, (2) dmpmqaut, and (3) dspmqaut authorization commands.
local
low complexity
ibm CWE-264
7.2
7.2
2008-03-09 CVE-2007-6705 Permissions, Privileges, and Access Controls vulnerability in IBM Websphere MQ
The WebSphere MQ XA 5.3 before FP13 and 6.0.x before 6.0.2.1 client for Windows, when running in an MTS or a COM+ environment, grants the PROCESS_DUP_HANDLE privilege to the Everyone group upon connection to a queue manager, which allows local users to duplicate an arbitrary handle and possibly hijack an arbitrary process.
local
ibm CWE-264
3.3
3.3