PQ81278: Web Services Denial of Service problem with
XML Attributes
Downloadable files
Abstract
Denial of Service problem with XML attributes
Download Description
During the parsing of an XML document (e.g. by a SOAP server), a list
of attributes is compiled for each parsed element. This is typically done
by the underlying XML parsing facility (the XML parser).
The time it takes the XML parser to compile the list of attributes (in a
given XML element) can consume an excessive amount of CPU resources.
Applying PQ81278 to WebSphere Application Server 5.0.0, 5.0.1, 5.0.2, and
5.0.2.1 will protect against this type of attack.
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > Web Services (for example: SOAP or UDDI or WSGW or WSIF)
Operating system(s): Windows
Software version: 5.0.2.2
Software edition: Reference #: 4005943
IBM Group: Software Group
Modified date: Dec 19, 2003
(C) Copyright IBM Corporation 2000, 2009. All Rights
Reserved.