CVE-2016-0360

Summary

IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationWebSphere MQ7.0.1affected
IBM CorporationWebSphere MQ7.1affected
IBM CorporationWebSphere MQ7.5affected
IBM CorporationWebSphere MQ8.0affected
IBM CorporationWebSphere MQ9.0affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References