Denial of Service Vulnerability in IBM DB2 XMLPARSE Function

Denial of Service Vulnerability in IBM DB2 XMLPARSE Function

CVE-2012-0712 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.

Learn more about our Cis Benchmark Audit For Ibm Db2.