A vulnerability has been reported in Apache XML Security
vulnerability is reported in versions prior to 1.7.2
The vulnerability addresses the possibility of a heap overflow condition
The vulnerability is caused due to an error within the XML Signature Reference processing code and can be exploited to cause a heap-based buffer overflow via a specially crafted document containing malformed XPointer expressions.
Successful exploitation may allow execution of arbitrary code
Vendor recommends updating to current version