PT-2013-5558 · Ibm · Ibm Db2+2

Danny Tsechansky

Published

2013-12-18

Updated

2018-09-25

CVE-2013-5466

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions IBM DB2 versions 9.5 through 10.5 IBM DB2 Connect versions 9.5 through 10.5 IBM DB2 pureScale Feature 9.8 for Enterprise Server Edition

Description The issue allows remote authenticated users to cause a denial of service via unspecified vectors in the XSLT library.

Recommendations For IBM DB2 versions 9.5 through 10.5, consider restricting access to the XSLT library until a fix is available. For IBM DB2 Connect versions 9.5 through 10.5, consider restricting access to the XSLT library until a fix is available. For IBM DB2 pureScale Feature 9.8 for Enterprise Server Edition, consider restricting access to the XSLT library until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-5466

Affected Products

Ibm Db2

Ibm Db2 Connect

Ibm Db2 Purescale Feature

PT-2013-5558 · Ibm · Ibm Db2+2

CVE-2013-5466

Related Identifiers

Affected Products

References · 9