The host is installed with IBM DB2 9.5 before FP9 and is prone to denial of service vulnerability. A flaw is present in the application, which calls the XMLPARSE function with a crafted string expression. Successful exploitation allows remote attackers to deny service to legitimate users.