Vulnerability in Ibm Db2
CVE-2013-5466
The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors.
EPSS: 0.010 (77.8th percentile) — read the EPSS interpretation.
Affected products
- Ibm Db2 — versions 9.5, 9.7, 9.8
- Ibm Db2_connect — versions 9.5, 9.7, 9.8
- Ibm Db2_purescale_feature_9.8
- N/a — versions n/a
References
- IC97470 (vendor-advisory, x_refsource_AIXAPAR)
- ibm-db2-cve20135466-xslt-dos(88365) (vdb-entry, x_refsource_XF)
- 64334 (vdb-entry, x_refsource_BID)
- IC97402 (vendor-advisory, x_refsource_AIXAPAR)
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
- IC97472 (vendor-advisory, x_refsource_AIXAPAR)
- IC97763 (vendor-advisory, x_refsource_AIXAPAR)
- IC97471 (vendor-advisory, x_refsource_AIXAPAR)