Denial of Service vulnerability (infinite loop) while parsing malicious XML files
Status: Beta
Brought to you by:
voisine
A maliciously crafted XML file triggers an infinite loop while parsing this file using one of ezxml_parse functions.
The loop is located inside the ezxml_decode function and incorrect handling of XML entities leads to inflate processed strings.
In the loop consecutive memory allocations are performed rapidly increasing memory usage until reaching memory limits or crashing the execution environment.
For me, this issue is resolved by the fix for bug 26.
Check my comment there.