The XML4J parser in IBM WebSphere Message Broker 6.1 prior to 6.1.0.12, 7.0 prior to 7.0.0.7, and 8.0 prior to 8.0.0.4 and IBM Integration Bus 9.0 prior to 9.0.0.1 allows remote malicious users to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm websphere message broker 6.1.0.1 |
||
ibm websphere message broker 6.1.0.10 |
||
ibm websphere message broker 6.1.0.4 |
||
ibm websphere message broker 6.1.0.5 |
||
ibm websphere message broker 6.1 |
||
ibm websphere message broker 6.1.0.7 |
||
ibm websphere message broker 6.1.0.6 |
||
ibm websphere message broker 6.1.0.8 |
||
ibm websphere message broker 6.1.0.9 |
||
ibm websphere message broker 6.1.0.11 |
||
ibm websphere message broker 6.1.0.2 |
||
ibm websphere message broker 6.1.0.3 |
||
ibm websphere message broker 8.0 |
||
ibm websphere message broker 8.0.0.1 |
||
ibm websphere message broker 8.0.0.2 |
||
ibm websphere message broker 8.0.0.3 |
||
ibm websphere message broker 7.0.0.3 |
||
ibm websphere message broker 7.0.0.4 |
||
ibm websphere message broker 7.0.0.5 |
||
ibm websphere message broker 7.0.0.6 |
||
ibm websphere message broker 7.0. |
||
ibm websphere message broker 7.0.0.1 |
||
ibm websphere message broker 7.0.0.2 |
Vulmon