CVE-2014-4834
IBM WebSphere Commerce (6.x up to 6.0.0.11 and 7.x up to 7.0.0.8) is affected by a vulnerability where recursion during XML entity expansion is not detected, allowing a remote attacker to cause memory/CPU exhaustion and an application crash via a crafted XML document with many nested entity refer...