IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability

IBM Integration Bus is prone to a denial-of-service vulnerability.

Successful exploits may allow an attacker to cause an affected application to consume excessive amounts of memory, resulting in a denial-of-service condition.

The following products are vulnerable:

IBM WebSphere Message Broker version 6.1.0.11 with Rules and Formatter Extension
IBM WebSphere Message Broker version 6.1.0.11
IBM WebSphere Message Broker version 7.0,0.6
IBM WebSphere Message Broker version 8.0.0.3
IBM Integration Bus version 9.0.0.0


 

Privacy Statement
Copyright 2010, SecurityFocus