parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack. <a href"http://cwe.mitre.org/data/definitions/611.html" target"_blank">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>
Publication date: Tue, 04 Nov 2014 22:55:00 +0000