CVE-2012-5953

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2, when the Parse Query Strings option is enabled on an HTTPInput node, allows remote attackers to cause a denial of service (infinite loop) via a crafted query string.

Published: Feb 20, 2013
Updated: Apr 13, 2023
CVE: CVE-2012-5953
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ibm / websphere_message_broker	6.1.0.9	6.1.0.9.x
ibm / websphere_message_broker	6.1	6.1.x
ibm / websphere_message_broker	6.1.0.6	6.1.0.6.x
ibm / websphere_message_broker	6.1.0.5	6.1.0.5.x
ibm / websphere_message_broker	6.1.0.10	6.1.0.10.x
ibm / websphere_message_broker	6.1.0.2	6.1.0.2.x
ibm / websphere_message_broker	6.1.0.3	6.1.0.3.x
ibm / websphere_message_broker	6.1.0.8	6.1.0.8.x
ibm / websphere_message_broker	6.1.0.11	6.1.0.11.x
ibm / websphere_message_broker	6.1.0.1	6.1.0.1.x
ibm / websphere_message_broker	6.1.0.7	6.1.0.7.x
ibm / websphere_message_broker	6.1.0.4	6.1.0.4.x
ibm / websphere_message_broker	7.0.0.4	7.0.0.4.x
ibm / websphere_message_broker	7.0.0.3	7.0.0.3.x
ibm / websphere_message_broker	7.0.0.1	7.0.0.1.x
ibm / websphere_message_broker	7.0.0.5	7.0.0.5.x
ibm / websphere_message_broker	7.0.0.2	7.0.0.2.x
ibm / websphere_message_broker	7.0.	7.0..x
ibm / websphere_message_broker	8.0	8.0.x
ibm / websphere_message_broker	8.0.0.1	8.0.0.1.x

Vulnerability Database

CVE-2012-5953