Security Bulletin: Vulnerability IBM Java XML Parser used in IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed (CVE-2013-4002)

IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed ships with IBM Java JRE. This JRE contains a variant of Apache-J XML parser (XM4J) that is vulnerable to a denial of service attack triggered by malformed XML data...



via IBM Product Security Incident Response Team https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_vulnerability_ibm_java_xml_parser_used_in_ibm_license_metric_tool_and_ibm_tivoli_asset_discovery_for_distributed_cve_2013_40021?lang=en_us