Vulnerabilities > IBM > Websphere MQ > 7.0.1.1

DATE CVE VULNERABILITY TITLE RISK
2011-07-07 CVE-2011-1224 Permissions, Privileges, and Access Controls vulnerability in IBM Websphere MQ
IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application.
network
ibm CWE-264
4.3
4.3
2011-01-13 CVE-2011-0310 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Websphere MQ
Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message.
network
ibm CWE-119
6.8
6.8
2011-01-12 CVE-2011-0314 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Websphere MQ
Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code or cause a denial of service (queue manager crash) by inserting an invalid message into the queue.
network
low complexity
ibm CWE-119
6.5
6.5
2010-11-15 CVE-2010-2638 Resource Management Errors vulnerability in IBM Websphere MQ
Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 allows remote authenticated users to cause a denial of service (disk consumption) via vectors that trigger an FDC with an RM680004 Probe Id value.
network
low complexity
ibm CWE-399
4.0
4.0
2010-10-20 CVE-2010-0782 Unspecified vulnerability in IBM Websphere MQ
IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished Name (DN) value in a certificate.
network
ibm
4.3
4.3
2010-04-27 CVE-2010-0772 Unspecified vulnerability in IBM Websphere MQ 7.0.0/7.0.1/7.0.1.1
Unspecified vulnerability in the channel process in IBM WebSphere MQ 7.0 before 7.0.1.2 allows remote authenticated users to cause a denial of service (daemon crash) via "incorrect channel control data."
network
low complexity
ibm
4.0
4.0