Vulnerability CVE-2013-5466
Published: 2013-12-18

Description:
The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
IBM -> DB2 
IBM -> Db2 connect 
IBM -> Db2 purescale feature 9.8 

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg1IC97402
http://www-01.ibm.com/support/docview.wss?uid=swg1IC97470
http://www-01.ibm.com/support/docview.wss?uid=swg1IC97471
http://www-01.ibm.com/support/docview.wss?uid=swg1IC97472
http://www-01.ibm.com/support/docview.wss?uid=swg1IC97763
http://www-01.ibm.com/support/docview.wss?uid=swg21660046
http://www.securityfocus.com/bid/64334
https://exchange.xforce.ibmcloud.com/vulnerabilities/88365
Copyright 2024, cxsecurity.com

 

Back to Top