Apache Axis2 Document Type Declaration Processing Security Vulnerability

Apache Axis2 is prone to a security vulnerability that may result in information-disclosure or denial-of-service conditions. An attacker can exploit this vulnerability to obtain potentially sensitive information by including local and external files on computers running the vulnerable application or by causing denial-of- service conditions other attacks are also possible. The issue affects versions prior to 1.5.2 and 1.6.
The vendor has released fixes. Please see the references for more information.