CVE-2012-0713

low

Published 2012-08-24 · Modified 2026-04-29

CVSS v3

—

CVSS v2

3.5

VIR risk

3.5

Description

Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and Windows allows remote authenticated users to read arbitrary XML files via unknown vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg1IC81462

OS impact

OS	Version	Status	Fixed in
linux-kernel		not-affected

Application impact

Vendor	Product	Versions
ibm	db2	`9.7`
ibm	db2	`9.7.0.1`
ibm	db2	`9.7.0.2`
ibm	db2	`9.7.0.3`
ibm	db2	`9.7.0.4`
ibm	db2	`9.7.0.5`

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IC81462
http://www.securityfocus.com/bid/53873
http://www-01.ibm.com/support/docview.wss?uid=swg1IC81462
http://www.securityfocus.com/bid/53873

Verify integrity in audit chain (admin only). AS-IS.