libxml2 < 2.7.0 - Heap-Based Buffer Overflow via Long XML Entity Name
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.