CVE-2009-3160

critical

Description

IBM WebSphere MQ 6.x through 6.0.2.7, 7.0.0.0, 7.0.0.1, 7.0.0.2, and 7.0.1.0, when read ahead or asynchronous message consumption is enabled, allows attackers to have an unspecified impact via unknown vectors, related to a "memory overwrite" issue.

References

http://www.vupen.com/english/advisories/2009/2578

http://www.securityfocus.com/bid/36310

http://www-1.ibm.com/support/docview.wss?uid=swg1IZ56259

http://www-01.ibm.com/support/docview.wss?uid=swg24024153

http://secunia.com/advisories/36647

Details

Source: Mitre, NVD

Published: 2009-09-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 8.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00656