Vigil@nce - WebSphere MQ 7.5: four vulnerabilities
July 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of WebSphere MQ.
– Impacted products: WebSphere MQ
– Severity: 2/4
– Creation date: 20/05/2015
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in WebSphere MQ.
An unknown vulnerability was announced. [severity:2/4; IT03667]
An attacker can trigger a Cross Site Scripting, in order to
execute JavaScript code in the context of the web site.
[severity:2/4; 1699549, CVE-2015-0176, IT03865]
An unknown vulnerability was announced about mqtt which generates
XR028002 and XR071003. [severity:2/4; IT05513]
An unknown vulnerability was announced. [severity:2/4;
CVE-2015-0189, IT05869]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/WebSphere-MQ-7-5-four-vulnerabilities-16947