CVE-2011-0310 - Vulnerability Details - OpenCVE

Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Websphere Mq

Configuration 1 [-]

OR	cpe:2.3:a:ibm:websphere_mq:7.0:::::::*
	cpe:2.3:a:ibm:websphere_mq:7.0.0.1:::::::*
	cpe:2.3:a:ibm:websphere_mq:7.0.0.2:::::::*
	cpe:2.3:a:ibm:websphere_mq:7.0.1.0:::::::*
	cpe:2.3:a:ibm:websphere_mq:7.0.1.1:::::::*
	cpe:2.3:a:ibm:websphere_mq:7.0.1.2:::::::*
	cpe:2.3:a:ibm:websphere_mq:7.0.1.3:::::::*

No data.

References

Link	Providers
http://osvdb.org/70476
http://secunia.com/advisories/42958
http://www-01.ibm.com/support/docview.wss?uid=swg27014224
http://www.securityfocus.com/bid/45923
http://www.vupen.com/english/advisories/2011/0128
https://exchange.xforce.ibmcloud.com/vulnerabilities/64628
https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-01-13T18:35:00

Updated: 2024-08-06T21:51:07.672Z

Reserved: 2011-01-06T00:00:00

Link: CVE-2011-0310

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-01-13T19:00:05.930

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-0310

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-01-12T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "70476", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/70476"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"name": "45923", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45923"}, {"name": "ADV-2011-0128", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0128"}, {"name": "42958", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42958"}, {"name": "wmq-messageheader-bo(64628)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64628"}, {"name": "IZ77607", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-0310", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "70476", "refsource": "OSVDB", "url": "http://osvdb.org/70476"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"name": "45923", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45923"}, {"name": "ADV-2011-0128", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0128"}, {"name": "42958", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42958"}, {"name": "wmq-messageheader-bo(64628)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64628"}, {"name": "IZ77607", "refsource": "AIXAPAR", "url": "https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:51:07.672Z"}, "title": "CVE Program Container", "references": [{"name": "70476", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/70476"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"name": "45923", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/45923"}, {"name": "ADV-2011-0128", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0128"}, {"name": "42958", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/42958"}, {"name": "wmq-messageheader-bo(64628)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64628"}, {"name": "IZ77607", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-0310", "datePublished": "2011-01-13T18:35:00", "dateReserved": "2011-01-06T00:00:00", "dateUpdated": "2024-08-06T21:51:07.672Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "594287A4-AF30-4872-A5B8-1421FAB5C674", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "896273C9-11F9-45A0-BA46-66F37DFACCC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF396289-8409-4FE2-96DB-99818D5680B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6E60ABB-E703-4745-98F3-22609FF70F6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDC03B4D-98C2-4704-9BF9-47888489B9C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "73E4EAA2-8842-41AB-B8E0-944CDF72C893", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_mq:7.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "9D71A8D2-C97E-4A0D-B4F7-19E0B24AC887", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en IBM WebSphere MQ v7.0 anterior a v7.0.1.4 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) mediante un campo de cabecera manipulado en un mensaje"}], "id": "CVE-2011-0310", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-01-13T19:00:05.930", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/70476"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/42958"}, {"source": "cve@mitre.org", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/45923"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2011/0128"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64628"}, {"source": "cve@mitre.org", "url": "https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/70476"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42958"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27014224"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/45923"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0128"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64628"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}