CVE-2016-6059

Summary

IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationInfoSphere Information Server8.1affected
IBM CorporationInfoSphere Information Server8.5affected
IBM CorporationInfoSphere Information Server8.0affected
IBM CorporationInfoSphere Information Server8.5.0.1affected
IBM CorporationInfoSphere Information Server8.7affected
IBM CorporationInfoSphere Information Server9.1affected
IBM CorporationInfoSphere Information Server8.0.1affected
IBM CorporationInfoSphere Information Server10.0affected
IBM CorporationInfoSphere Information Server11.3affected
IBM CorporationInfoSphere Information Server10affected
IBM CorporationInfoSphere Information Server11.3.0.0affected
IBM CorporationInfoSphere Information Server11.3.1.0affected
IBM CorporationInfoSphere Information Server11.5affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References