On Tue, 26 Mar 2013 17:53:39 +0100 (CET) christian.heimes wrote:

+ +The XML processing modules are not secure against maliciously constructed data. +An attacker can abuse vulnerabilities for e.g. denial of service attacks, to +access local files, to generate network connections to other machines, or +to or circumvent firewalls.

Really? Where does the "access local files, generate network connections, circumvent firewalls" allegation come from? Regards Antoine.