CVE-2012-0712 Information

Description

The XML feature in IBM DB2 9.5 before FP9 9.7 through FP5 and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1IC81379 http://www-01.ibm.com/support/docview.wss?uid=swg1IC81380 http://www-01.ibm.com/support/docview.wss?uid=swg1IC81837 http://www-01.ibm.com/support/docview.wss?uid=swg21588098 https://exchange.xforce.ibmcloud.com/vulnerabilities/73496 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14450