Apache · Apache Xerces-C · CVE-2009-1885
Name of the Vulnerable Software and Affected Versions:
Apache Xerces C++ versions 2.7.0 through 2.8.0
Description:
A stack consumption issue allows context-dependent attackers to cause a denial of service, resulting in an application crash. This can be achieved through vectors involving nested parentheses and invalid byte values in simply nested DTD structures.
Recommendations:
For Apache Xerces C++ versions 2.7.0 through 2.8.0, consider updating to a newer version to mitigate the risk of a denial of service attack.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.