libofx.so is vulnerable to denial of service (DoS). The vulnerability is possible because it does not properly handle the null pointer dereference in the function OFXApplication::startElement(SGMLApplication::StartElementEvent const&)
in lib/ofx_sgml.cpp
, allowing an attacker to crash the application using a malicious file.