The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Db2 | Ibm | 9.5 (including) | 9.5 (including) |
| Db2 | Ibm | 9.7 (including) | 9.7 (including) |
| Db2 | Ibm | 9.8 (including) | 9.8 (including) |
| Db2 | Ibm | 10.1 (including) | 10.1 (including) |
| Db2 | Ibm | 10.5 (including) | 10.5 (including) |
| Db2_connect | Ibm | 9.5 (including) | 9.5 (including) |
| Db2_connect | Ibm | 9.7 (including) | 9.7 (including) |
| Db2_connect | Ibm | 9.8 (including) | 9.8 (including) |
| Db2_connect | Ibm | 10.1 (including) | 10.1 (including) |
| Db2_connect | Ibm | 10.5 (including) | 10.5 (including) |
| Db2_purescale_feature_9.8 | Ibm | - (including) | - (including) |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97402
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97470
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97471
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97472
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97763
- http://www-01.ibm.com/support/docview.wss?uid=swg21660046
- http://www.securityfocus.com/bid/64334
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88365
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97402
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97470
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97471
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97472
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC97763
- http://www-01.ibm.com/support/docview.wss?uid=swg21660046
- http://www.securityfocus.com/bid/64334
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88365