CVE-2009-0905 Information

Description

IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.

Reference

http://www.ibm.com/support/docview.wss?uid=swg1IZ37102 https://exchange.xforce.ibmcloud.com/vulnerabilities/51042