CVE-2014-0107
CVE-2014-0107 concerns the TransformerFactory in Apache Xalan-Java before 2.7.2, which does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, potentially allowing remote attackers to bypass restrictions and load arbitrary classes or access external reso...