CVE-2009-0439
First published: Tue Feb 24 2009(Updated: )
Unspecified vulnerability in the queue manager in IBM WebSphere MQ (WMQ) 5.3, 6.0 before 6.0.2.6, and 7.0 before 7.0.0.2 allows local users to gain privileges via vectors related to the (1) setmqaut, (2) dmpmqaut, and (3) dspmqaut authorization commands.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM WebSphere MQ | =5.3 | |
| IBM WebSphere MQ | =5.3 | |
| IBM WebSphere MQ | =5.3.1 | |
| IBM WebSphere MQ | =6.0.0.0 | |
| IBM WebSphere MQ | =6.0.1.0 | |
| IBM WebSphere MQ | =6.0.1.1 | |
| IBM WebSphere MQ | =6.0.2.0 | |
| IBM WebSphere MQ | =6.0.2.1 | |
| IBM WebSphere MQ | =6.0.2.2 | |
| IBM WebSphere MQ | =6.0.2.3 | |
| IBM WebSphere MQ | =6.0.2.4 | |
| IBM WebSphere MQ | =7.0 | |
| IBM WebSphere MQ | =7.0.0.1 | |
| IBM WebSphere MQ Appliance | =7.0.0.1 | |
| IBM WebSphere MQ Appliance | =6.0.1.0 | |
| IBM WebSphere MQ Appliance | =6.0.2.4 | |
| IBM WebSphere MQ Appliance | =6.0.1.1 | |
| IBM WebSphere MQ Appliance | =6.0.0.0 | |
| IBM WebSphere MQ Appliance | =6.0.2.3 | |
| IBM WebSphere MQ Appliance | =6.0.2.1 | |
| IBM WebSphere MQ Appliance | =5.3 | |
| IBM WebSphere MQ Appliance | =6.0.2.2 | |
| IBM WebSphere MQ Appliance | =5.3 | |
| IBM WebSphere MQ Appliance | =6.0.2.0 | |
| IBM WebSphere MQ Appliance | =5.3.1 | |
| IBM WebSphere MQ Appliance | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2009-0439?
CVE-2009-0439 is considered a moderate severity vulnerability that allows local users to gain privileges.
How do I fix CVE-2009-0439?
To fix CVE-2009-0439, update IBM WebSphere MQ to version 6.0.2.6 or later, or 7.0.0.2 or later.
Which versions of IBM WebSphere MQ are affected by CVE-2009-0439?
CVE-2009-0439 affects IBM WebSphere MQ versions 5.3, 6.0 prior to 6.0.2.6, and 7.0 prior to 7.0.0.2.
Who can exploit CVE-2009-0439?
CVE-2009-0439 can be exploited by local users who have access to the affected IBM WebSphere MQ systems.
What actions can be taken to mitigate CVE-2009-0439?
Mitigation for CVE-2009-0439 includes limiting local user access and ensuring systems are updated to versions that include the vulnerability fix.
- agent/weakness
- agent/references
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/remedy
- agent/author
- agent/tags
- agent/description
- agent/event
- collector/nvd-historical
- vendor/ibm
- canonical/ibm websphere mq
- version/ibm websphere mq/5.3
- version/ibm websphere mq/5.3.1
- version/ibm websphere mq/6.0.0.0
- version/ibm websphere mq/6.0.1.0
- version/ibm websphere mq/6.0.1.1
- version/ibm websphere mq/6.0.2.0
- version/ibm websphere mq/6.0.2.1
- version/ibm websphere mq/6.0.2.2
- version/ibm websphere mq/6.0.2.3
- version/ibm websphere mq/6.0.2.4
- version/ibm websphere mq/7.0
- version/ibm websphere mq/7.0.0.1
- canonical/ibm websphere mq appliance
- version/ibm websphere mq appliance/7.0.0.1
- version/ibm websphere mq appliance/6.0.1.0
- version/ibm websphere mq appliance/6.0.2.4
- version/ibm websphere mq appliance/6.0.1.1
- version/ibm websphere mq appliance/6.0.0.0
- version/ibm websphere mq appliance/6.0.2.3
- version/ibm websphere mq appliance/6.0.2.1
- version/ibm websphere mq appliance/5.3
- version/ibm websphere mq appliance/6.0.2.2
- version/ibm websphere mq appliance/6.0.2.0
- version/ibm websphere mq appliance/5.3.1
- version/ibm websphere mq appliance/7.0