The Xerces-C XML parser fails to successfully parse a DTD that is deeply nested, and this causes a stack overflow, which makes a denial of service attack against many applications possible by an unauthenticated attacker. Apache Xerces-C XML Parser library versions prior to 3.1.4 are affected.
a0b966184480f64c7fc857680e37cc670d35cc9e4cccf14b0d26c6528bbbdd5a