CVE-2012-5953

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2, when the Parse Query Strings option is enabled on an HTTPInput node, allows remote attackers to cause a denial of service (infinite loop) via a crafted query string.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:6.1.0.11:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:ibm:websphere_message_broker:7.0.:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:7.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:7.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:7.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:7.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:7.0.0.5:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_message_broker:8.0.0.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-02-20 12:09

Updated : 2024-02-04 18:16


NVD link : CVE-2012-5953

Mitre link : CVE-2012-5953

CVE.ORG link : CVE-2012-5953


JSON object : View

Products Affected

ibm

  • websphere_message_broker
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer