Описание
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp6:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp6a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp7:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp8:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:fp3a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:fp4:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:fp5:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.8:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.8:fp4:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00982
Низкий
4 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
ubuntu
почти 14 лет назад
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.
github
больше 3 лет назад
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.
EPSS
Процентиль: 76%
0.00982
Низкий
4 Medium
CVSS2
Дефекты
CWE-399