EIP-2026-116345
PRE-CVESun Java 1.x - XML Document Nested Entity Denial of Service
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-116345. PoCs published by Sun Microsystems.
AI-analyzed exploit summary This exploit leverages an XML Entity Expansion (XEE) vulnerability in Sun Java to cause a denial-of-service (DoS) by consuming excessive system resources. The malicious XML document contains deeply nested entity references that trigger exponential expansion, leading to system crashes.
Description
Sun Java 1.x - XML Document Nested Entity Denial of Service
Exploits (1)
This exploit leverages an XML Entity Expansion (XEE) vulnerability in Sun Java to cause a denial-of-service (DoS) by consuming excessive system resources. The malicious XML document contains deeply nested entity references that trigger exponential expansion, leading to system crashes.