XML Denial of Service (XDoS) can be applied to any technology that
						utilizes XML data. This is, of course, most distributed systems technology
						including Java, .Net, databases, and so on. XDoS is most closely associated
						with web services, SOAP, and Rest, because remote service requesters can
						post malicious XML payloads to the service provider designed to exhaust the
						service provider's memory, CPU, and/or disk space. The main weakness in XDoS
						is that the service provider generally must inspect, parse, and validate the
						XML messages to determine routing, workflow, security considerations, and so
						on. It is exactly these inspection, parsing, and validation routines that
						XDoS targets.Target CPU through recursion: attacker creates a recursive payload and
							sends to service providerTarget memory through jumbo payloads: service provider uses DOM to
							parse XML. DOM creates in memory representation of XML document, but
							when document is very large (for example, north of 1 Gb) service
							provider host may exhaust memory trying to build memory objects.XML Ping of death: attack service provider with numerous small files
							that clog the system.