CVE-2012-1147
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.
Date published : 2012-07-03
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html