CVE-2009-0905

2011-10-30T19:55:00
ID CVE-2009-0905
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:30:00

Description

IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring. Per: http://xforce.iss.net/xforce/xfdb/51042

'Note: This vulnerability only affects platforms where group names are limited to 12 characters in length.IB'