0.007 Low
EPSS
Percentile
81.1%
A stack exhaustion flaw was found in the way Xerces-C XML parser handled deeply nested DTDs. An attacker could potentially use this flaw to crash an application using Xerces-C by tricking it into processing specially crafted data.
xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt
bugzilla.redhat.com/show_bug.cgi?id=1348845