Vulnerability Description
The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid address alignment exception and daemon crash) via vectors involving a multiplexed channel.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Mq | 7.0.1.0 |
| Oracle | Solaris | - |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC82725
- http://www.ibm.com/support/docview.wss?uid=swg21610285Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76434
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC82725
- http://www.ibm.com/support/docview.wss?uid=swg21610285Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76434
FAQ
What is CVE-2012-2199?
CVE-2012-2199 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid addr...
How severe is CVE-2012-2199?
CVE-2012-2199 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2199?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Mq, Oracle Solaris.