Debian DSA-1984-1 : libxerces2-java - denial of service
Medium Nessus Plugin ID 44848
SynopsisThe remote Debian host is missing a security-related update.
DescriptionIt was discovered that libxerces2-java, a validating XML parser for Java, does not properly process malformed XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file.
SolutionUpgrade the libxerces2-java package.
For the oldstable distribution (etch), this problem has been fixed in version 2.8.1-1+etch1.
For the stable distribution (lenny), this problem has been fixed in version 2.9.1-2+lenny1.