Description
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Remediation
References