WebSphere MQ xcsGetMem Heap Overflow

  • Published: 12 Jan 2009

WebSphere MQ xcsGetMem Heap Overflow

CVE-2008-4289

Share

Type

  • WebSphere MQ xcsGetMem Heap Overflow Vulnerability

Severity

  • High

Affected products

  • WebSphere MQ

Date

  • 2009-01-12

CVE Reference

  • CVE-2008-4289

Read more

The WebSphere MQ service can be used to transfer messages between systems and applications. An integer overflow and subsequent heap overflow vulnerability has been identified in the packet parsing routines. This vulnerability is associated with the memory allocation code and can result in the overwriting of data on the heap. This vulnerability could be exploited to execute arbitrary code.