CVE-2011-1753

CVE-2011-1753 affects ejabberd prior to 2.1.7 and 3.x prior to 3.0.0-alpha-3, and exmpp prior to 0.9.7. The issue is improper detection of recursion during XML entity expansion, enabling a remote attacker to induce memory and CPU exhaustion (DoS) through a crafted XML document with a large number...