CVE-2013-7332

2014-02-26T09:55:08
ID CVE-2013-7332
Type cve
Reporter NVD
Modified 2014-03-10T18:09:12

Description

The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.