Xerces C++ Duplicated Attributes XML Parsing Denial Of Service Vulnerability

It is reported that Xerces C++ is susceptible to a denial of service vulnerability. This issue is due to a failure of the application to properly handle exceptional XML input.

This vulnerability allows remote attackers to consume all available CPU resources by passing maliciously crafted XML data to an application that utilizes the affected library.

Version 2.5.0 of Xerces C++ is reported to be affected by this vulnerability. Other prior versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus