xerces-c3 -- Parser Crashes on Malformed Input
The Apache Software Foundation reports:
The Xerces-C XML parser mishandles certain kinds of malformed input
documents, resulting in buffer overflows during processing and error
reporting. The overflows can manifest as a segmentation fault or as
memory corruption during a parse operation. The bugs allow for a
denial of service attack in many applications by an unauthenticated
attacker, and could conceivably result in remote code execution.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright