Expat before 2.4.4 has an integer overflow in the doProlog function. A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service