It was discovered that XML:
arser incorrectly handled certain multi-byte UTF-8 characters. If a user or automated system were tricked into processing specially crafted XML data, a remote attacker could use this issue to cause XML:arser to crash, resulting in a denial of service or to possibly execute arbitrary code. (CVE-2006-10002) It was discovered that XML:arser incorrectly handled very deep element nesting. If a user or automated system were tricked into processing specially crafted XML data, a remote attacker could use this issue to cause XML:arser to crash, resulting in a denial of service or to possibly execute arbitrary code (CVE-2006-10003)
Continue reading...
arser incorrectly handled certain multi-byte UTF-8 characters. If a user or automated system were tricked into processing specially crafted XML data, a remote attacker could use this issue to cause XML:arser to crash, resulting in a denial of service or to possibly execute arbitrary code. (CVE-2006-10002) It was discovered that XML:arser incorrectly handled very deep element nesting. If a user or automated system were tricked into processing specially crafted XML data, a remote attacker could use this issue to cause XML:arser to crash, resulting in a denial of service or to possibly execute arbitrary code (CVE-2006-10003)Continue reading...
