IBM Integration Bus XML4J Parser Entity Expansion Denial of Service Vulnerability

Bugtraq ID: 63224
Class: Design Error
CVE: CVE-2013-5372
Remote: Yes
Local: No
Published: Oct 17 2013 12:00AM
Updated: Aug 05 2014 12:12AM
Credit: The vendor reported this issue.
Vulnerable: SuSE SUSE Linux Enterprise Server 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP3 LTSS
+ Linux kernel 2.6.5
S.u.S.E. SUSE CORE 9 for x86
S.u.S.E. CORE 9
Red Hat Enterprise Linux Workstation Supplementary 6
Red Hat Enterprise Linux Supplementary 5 server
Red Hat Enterprise Linux Server Supplementary 6
Red Hat Enterprise Linux HPC Node Supplementary 6
Red Hat Enterprise Linux Desktop Supplementary 6
Red Hat Enterprise Linux Desktop Supplementary 5 client
IBM WebSphere Process Server 7.0.4
IBM WebSphere Lombardi Edition 7.2.0
IBM Websphere Application Server 8.0 2
IBM Websphere Application Server 7.0 3
IBM Websphere Application Server 7.0 21
IBM Websphere Application Server 7.0 .9
IBM Websphere Application Server 7.0 .8
IBM Websphere Application Server 7.0 .2
IBM Websphere Application Server 7.0 .13
IBM Websphere Application Server 7.0 .12
IBM Websphere Application Server 7.0 .11
IBM Websphere Application Server 6.1 41
IBM Websphere Application Server 6.1 .9
IBM Websphere Application Server 6.1 .8
IBM Websphere Application Server 6.1 .7
IBM Websphere Application Server 6.1 .6
IBM Websphere Application Server 6.1 .5
IBM Websphere Application Server 6.1 .4
IBM Websphere Application Server 6.1 .32
IBM Websphere Application Server 6.1 .3
IBM Websphere Application Server 6.1 .25
IBM Websphere Application Server 6.1 .23
IBM Websphere Application Server 6.1 .22
IBM Websphere Application Server 6.1 .21
IBM Websphere Application Server 6.1 .20
IBM Websphere Application Server 6.1 .2
IBM Websphere Application Server 6.1 .19
IBM Websphere Application Server 6.1 .18
IBM Websphere Application Server 6.1 .17
IBM Websphere Application Server 6.1 .15
IBM Websphere Application Server 6.1 .14
IBM Websphere Application Server 6.1 .13
IBM Websphere Application Server 6.1 .12
IBM Websphere Application Server 6.1 .11
IBM Websphere Application Server 6.1 .10
IBM Websphere Application Server 6.1 .1
IBM Websphere Application Server 8.0.0.4
IBM Websphere Application Server 8.0.0.1
IBM Websphere Application Server 8.0.0.0
IBM Websphere Application Server 8.0
IBM Websphere Application Server 7.0.0.7
IBM Websphere Application Server 7.0.0.6
IBM Websphere Application Server 7.0.0.5
IBM Websphere Application Server 7.0.0.4
IBM Websphere Application Server 7.0.0.23
IBM Websphere Application Server 7.0.0.19
IBM Websphere Application Server 7.0.0.17
IBM Websphere Application Server 7.0.0.15
IBM Websphere Application Server 7.0.0.15
IBM Websphere Application Server 7.0.0.14
IBM Websphere Application Server 7.0.0.13
IBM Websphere Application Server 7.0.0.1
IBM Websphere Application Server 7.0.0.0
IBM Websphere Application Server 7.0
IBM Websphere Application Server 6.1.0.45
IBM Websphere Application Server 6.1.0.43
IBM Websphere Application Server 6.1.0.39
IBM Websphere Application Server 6.1.0.37
IBM Websphere Application Server 6.1.0.35
IBM Websphere Application Server 6.1.0.34
IBM Websphere Application Server 6.1.0.33
IBM Websphere Application Server 6.1.0.31
IBM Websphere Application Server 6.1.0.29
IBM Websphere Application Server 6.1.0.27
IBM Websphere Application Server 6.1
IBM Web Experience Factory 7.0.1.2
IBM Web Experience Factory 7.0.1
IBM Web Experience Factory 7.0.0.2
IBM Web Experience Factory 7.0
IBM Tivoli Storage Productivity Center 4.2.1.185
IBM Tivoli Storage Productivity Center 4.2.1 Fix Pack 4
IBM Tivoli Storage Productivity Center 4.2.1
IBM Tivoli Netcool/OMNIbus 7.3
IBM Tivoli Business Service Manager 4.2.1
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2
IBM Rational Team Concert 3.0
IBM Rational Team Concert 2.0
IBM OS/400 V6R1M0
IBM Lotus Notes 8.5.3
IBM Lotus Notes 8.5.2
IBM Lotus Notes 8.5.1
IBM Lotus Notes 8.5.1
IBM Lotus Notes 8.0.2
IBM Lotus Notes 8.5.2.3
IBM Lotus Notes 8.5.2.2
IBM Lotus Notes 8.5.2.1
IBM Lotus Notes 8.5.2.0
IBM Lotus Notes 8.5.2 FP2
IBM Lotus Notes 8.5.1.5
IBM Lotus Notes 8.5.1.4
IBM Lotus Notes 8.5.1.3
IBM Lotus Notes 8.5.1.2
IBM Lotus Notes 8.5.1 FP5
IBM Lotus Notes 8.5.0.1
IBM Lotus Notes 8.5.0.0
IBM Lotus Notes 8.5
IBM Lotus Notes 8.0.2.6
IBM Lotus Notes 8.0.2.5
IBM Lotus Notes 8.0.2.4
IBM Lotus Notes 8.0.2.3
IBM Lotus Notes 8.0.2.2
IBM Lotus Notes 8.0.2.1
IBM Lotus Notes 8.0.2.0
IBM Lotus Notes 8.0.2 FP6
IBM Lotus Notes 8.0
IBM Lotus Domino 8.5.3
IBM Lotus Domino 8.5.2
IBM Lotus Domino 8.5.1 Fix Pack 2
IBM Lotus Domino 8.5.1
IBM Lotus Domino 8.5
IBM Lotus Domino 8.0.2 Fix Pack 5
IBM Lotus Domino 8.0.2
IBM Lotus Domino 8.0.1
IBM Lotus Domino 8.5FP1
IBM Lotus Domino 8.5.3FP1
IBM Lotus Domino 8.5.2 FP4
IBM Lotus Domino 8.5.2 FP3
IBM Lotus Domino 8.5.2 FP3
IBM Lotus Domino 8.5.2 FP2
IBM Lotus Domino 8.5.1FP5
IBM Lotus Domino 8.5.1.1
IBM Lotus Domino 8.5.0.1
IBM Lotus Domino 8.0.2.4
IBM Lotus Domino 8.0.2.3
IBM Lotus Domino 8.0.2.2
IBM Lotus Domino 8.0.2.1
IBM Lotus Domino 8.0.2 FP4
IBM Lotus Domino 8.0
IBM Java SDK 1.4.2
IBM Java SDK 6
IBM InfoSphere Information Server 8.5
IBM InfoSphere Information Server 8.1
IBM IMS 10
IBM FileNet Content Manager 5.1
IBM AIX 7.1
IBM AIX 6.1
IBM AIX 5.3
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus