Buffer overflow in Ibm Websphere_message_broker

CVE-2012-5953

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2, when the Parse Query Strings option is enabled on an HTTPInput node, allows remote attackers to cause a denial of service (infinite loop) via a c…

Vulnerability class: Buffer Overflow

EPSS: 0.006 (68.6th percentile) — read the EPSS interpretation.

Affected products

Ibm Websphere_message_broker — versions 6.1, 6.1.0.1, 6.1.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
wmb-dataflowengine-dos(80667) (vdb-entry, x_refsource_XF)
PM75015 (vendor-advisory, x_refsource_AIXAPAR)