CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
Percentile
79.8%
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through
FP4 allows remote authenticated users to cause a denial of service
(infinite loop) by calling the XMLPARSE function with a crafted string
expression.
Author | Note |
---|---|
tyhicks | Fixed in 9.7 FP6 |
www-01.ibm.com/support/docview.wss?uid=swg1IC81379
www-01.ibm.com/support/docview.wss?uid=swg1IC81380
www-01.ibm.com/support/docview.wss?uid=swg1IC81837
www-01.ibm.com/support/docview.wss?uid=swg21588098
xforce.iss.net/xforce/xfdb/73496
launchpad.net/bugs/cve/CVE-2012-0712
nvd.nist.gov/vuln/detail/CVE-2012-0712
security-tracker.debian.org/tracker/CVE-2012-0712
www.cve.org/CVERecord?id=CVE-2012-0712