WebSphere MQ xcsGetMem Heap Overflow
- Published: 12 Jan 2009
- Type: WebSphere MQ xcsGetMem Heap Overflow Vulnerability
- Severity: High
Affected Products
WebSphere MQ
CVE
CVE-2008-4289
The WebSphere MQ service can be used to transfer messages between systems and applications. An integer overflow and subsequent heap overflow vulnerability has been identified in the packet parsing routines. This vulnerability is associated with the memory allocation code and can result in the overwriting of data on the heap. This vulnerability could be exploited to execute arbitrary code.