Unrated severityNVD Advisory· Published Dec 5, 2012· Updated Jun 16, 2026
CVE-2012-3317
CVE-2012-3317
Description
IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300.
Affected products
19cpe:2.3:a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:6.1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:7.0.:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:7.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:7.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_message_broker:8.0.0.1:*:*:*:*:*:*:*
- (no CPE)range: 6.1 < 6.1.0.11; 7.0 < 7.0.0.5; 8.0 < 8.0.0.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.