Launchpad.net

CVE 2012-0881

Apache Xerces2 Java allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.

See the CVE page on Mitre.org for more details.