Open Source zlib is vulnerable to a denial of service. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVEID: CVE-2016-9840**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by out-of-bounds pointer arithmetic in inftrees.c. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120508 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-9841**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by out-of-bounds pointer arithmetic in inftrees.c. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120509 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-9842**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by an undefined left shift of negative number. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120510 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-9843**
DESCRIPTION:** zlib is vulnerable to a denial of service, caused by a big-endian out-of-bounds pointer. By persuading a user to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/120511 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
IBM WebSphere MQ V7.1
IBM WebSphere MQ 7.1.0.0 - 7.1.0.8 maintenance levels
IBM WebSphere MQ V7.5
IBM WebSphere MQ 7.5.0.0 - 7.5.0.7 maintenance levels
IBM MQ V8
IBM MQ 8.0.0.0 - 8.0.0.6 maintenance levels
IBM MQ Appliance V8
IBM MQ Appliance 8.0.0.0 - 8.0.0.6 maintenance levels
IBM MQ V9 LTS
IBM MQ V9.0.0.0 only
IBM MQ V9 CD
IBM MQ V9.0.1 and V9.0.2
IBM MQ Appliance V9 CD
IBM MQ Appliance V9.0.1 and V9.0.2
IBM WebSphere MQ V7.1
IBM WebSphere MQ V7.5
IBM MQ V8
IBM MQ Appliance V8
Apply Fix Pack 8.0.0.7 for MQ Appliance
IBM MQ V9 LTS
IBM MQ V9 CD
IBM MQ Appliance V9 CD
Upgrade to IBM MQ Appliance 9.0.3
All Versions
Disable Channel Compression