Alerte sécurité WMQ

Un nouvelle alerte sécurité sur WebSphere MQ :

IBM WebSphere MQ message header buffer overflow
wmq-messageheader-bo (64628) The risk level is classified as High Risk

Description:

IBM WebSphere MQ is vulnerable to a buffer overflow, caused by improper bounds checking during message handling. By sending a message contain a specially-crafted header field, a remote attacker could overflow a buffer and execute arbitrary code on the system with MQM privileges or cause the application to crash.
Consequences:

Gain Access

Remedy:

For WebSphere MQ 7.0:
Apply the latest Fix Pack (7.0.1.4 or later) or APAR IZ77607. See References.