Xerces-C++ Nested DTD Structure XML Parsing Remote Denial of Service Vulnerability

Xerces-C++ is prone to a denial-of-service vulnerability because it fails to handle certain XML data structures.

Exploiting this issue allows remote attackers to cause denial-of-service conditions in the context of an application using the vulnerable XML parsing library.

Xerces-C++ 3.0.1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus