Total vulnerabilities in the database
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.
| Software | From | Fixed in |
|---|---|---|
| ibm / db2 | 9.5-fp8 | 9.5-fp8.x |
| ibm / db2 | 9.5 | 9.5.x |
| ibm / db2 | 9.8-fp3 | 9.8-fp3.x |
| ibm / db2 | 9.5-fp4 | 9.5-fp4.x |
| ibm / db2 | 9.5-fp5 | 9.5-fp5.x |
| ibm / db2 | 9.5-fp4a | 9.5-fp4a.x |
| ibm / db2 | 9.5-fp1 | 9.5-fp1.x |
| ibm / db2 | 9.5-fp6a | 9.5-fp6a.x |
| ibm / db2 | 9.5-fp7 | 9.5-fp7.x |
| ibm / db2 | 9.5-fp2a | 9.5-fp2a.x |
| ibm / db2 | 9.5-fp6 | 9.5-fp6.x |
| ibm / db2 | 9.7-fp3 | 9.7-fp3.x |
| ibm / db2 | 9.7-fp1 | 9.7-fp1.x |
| ibm / db2 | 9.7-fp5 | 9.7-fp5.x |
| ibm / db2 | 9.7-fp3a | 9.7-fp3a.x |
| ibm / db2 | 9.5-fp3b | 9.5-fp3b.x |
| ibm / db2 | 9.7-fp2 | 9.7-fp2.x |
| ibm / db2 | 9.5-fp2 | 9.5-fp2.x |
| ibm / db2 | 9.7-fp4 | 9.7-fp4.x |
| ibm / db2 | 9.7 | 9.7.x |
| ibm / db2 | 9.5-fp3 | 9.5-fp3.x |
| ibm / db2 | 9.5-fp3a | 9.5-fp3a.x |
| ibm / db2 | 9.8-fp4 | 9.8-fp4.x |
| ibm / db2 | 9.8 | 9.8.x |