Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5953

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-5953
Last Modified 20 Feb 2013 12:00:00
Published 20 Feb 2013 07:09:22
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5953

Summary

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2, when the Parse Query Strings option is enabled on an HTTPInput node, allows remote attackers to cause a denial of service (infinite loop) via a crafted query string.

Vulnerable Systems

Application

  • Ibm Websphere Message Broker 6.1

  • Ibm Websphere Message Broker 6.1.0.1

  • Ibm Websphere Message Broker 6.1.0.10

  • Ibm Websphere Message Broker 6.1.0.11

  • Ibm Websphere Message Broker 6.1.0.2

  • Ibm Websphere Message Broker 6.1.0.3

  • Ibm Websphere Message Broker 6.1.0.4

  • Ibm Websphere Message Broker 6.1.0.5

  • Ibm Websphere Message Broker 6.1.0.6

  • Ibm Websphere Message Broker 6.1.0.7

  • Ibm Websphere Message Broker 6.1.0.8

  • Ibm Websphere Message Broker 6.1.0.9

  • Ibm Websphere Message Broker 7.0.

  • Ibm Websphere Message Broker 7.0.0.1

  • Ibm Websphere Message Broker 7.0.0.2

  • Ibm Websphere Message Broker 7.0.0.3

  • Ibm Websphere Message Broker 7.0.0.4

  • Ibm Websphere Message Broker 7.0.0.5

  • Ibm Websphere Message Broker 8.0

  • Ibm Websphere Message Broker 8.0.0.1


References

XF - wmb-dataflowengine-dos(80667)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21623316

AIXAPAR - PM75015


Last Updated: 27 May 2016 11:01:54