The host is installed with IBM DB2 9.7 before FP6 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly handle the XML files. Successful exploitation allows remote authenticated users to read arbitrary XML files via unknown vectors.