Xerces-C++ 'maxOccurs' XML Parsing Remote Denial of Service Vulnerability

info
discussion
exploit
solution
references

Xerces-C++ 'maxOccurs' XML Parsing Remote Denial of Service Vulnerability

Xerces-C++ is prone to a denial-of-service vulnerability because it fails to handle certain XML schema values.

Exploiting this issue allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable XML parsing library.

Versions prior to Xerces-C++ 3.0.0 are affected.