diff -r 5a6b6e770365 -r 68c69c656a2c web/lib/Zend/Serializer/Adapter/Wddx.php --- a/web/lib/Zend/Serializer/Adapter/Wddx.php Thu May 07 15:10:09 2015 +0200 +++ b/web/lib/Zend/Serializer/Adapter/Wddx.php Thu May 07 15:16:02 2015 +0200 @@ -15,21 +15,27 @@ * @category Zend * @package Zend_Serializer * @subpackage Adapter - * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) + * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) * @license http://framework.zend.com/license/new-bsd New BSD License - * @version $Id: Wddx.php 25033 2012-08-17 19:50:08Z matthew $ + * @version $Id$ */ /** @see Zend_Serializer_Adapter_AdapterAbstract */ require_once 'Zend/Serializer/Adapter/AdapterAbstract.php'; +/** @see Zend_Xml_Security */ +require_once 'Zend/Xml/Security.php'; + +/** @see Zend_Xml_Exception */ +require_once 'Zend/Xml/Exception.php'; + /** * @link http://www.infoloom.com/gcaconfs/WEB/chicago98/simeonov.HTM * @link http://en.wikipedia.org/wiki/WDDX * @category Zend * @package Zend_Serializer * @subpackage Adapter - * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) + * @copyright Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com) * @license http://framework.zend.com/license/new-bsd New BSD License */ class Zend_Serializer_Adapter_Wddx extends Zend_Serializer_Adapter_AdapterAbstract 
@@ -100,24 +106,12 @@
             // check if the returned NULL is valid
             // or based on an invalid wddx string
             try {
-                $oldLibxmlDisableEntityLoader = libxml_disable_entity_loader(true);
-                $dom = new DOMDocument;
-                $dom->loadXML($wddx);
-                foreach ($dom->childNodes as $child) {
-                    if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
-                        require_once 'Zend/Serializer/Exception.php';
-                        throw new Zend_Serializer_Exception(
-                            'Invalid XML: Detected use of illegal DOCTYPE'
-                        );
-                    }
-                }
-                $simpleXml = simplexml_import_dom($dom);
-                libxml_disable_entity_loader($oldLibxmlDisableEntityLoader);
+                $simpleXml = Zend_Xml_Security::scan($wddx);
                 if (isset($simpleXml->data[0]->null[0])) {
                     return null; // valid null
                 }
                 $errMsg = 'Can\'t unserialize wddx string';
-            } catch (Exception $e) {
+            } catch (Zend_Xml_Exception $e) {
                 $errMsg = $e->getMessage();
             }
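Review bot: The catch arm at the end of the hunk was narrowed from `Exception` to `Zend_Xml_Exception`, so any other exception raised inside the `try` (a `DOMException` from the underlying parser, or whatever `Zend_Xml_Security::scan()` may throw beyond its own type) now escapes `unserialize()` directly instead of being folded into `$errMsg` as the removed code did; if widening the method's failure surface is unintended, keep a second arm after it, `} catch (Exception $e) { $errMsg = $e->getMessage(); }`. The hunk also drops the explicit DOCTYPE rejection and the save/restore of `libxml_disable_entity_loader()`, relying on `scan()` to do both, so a comment above the new call such as `// Zend_Xml_Security::scan() rejects DOCTYPE/ENTITY declarations (XXE/XEE) and manages libxml_disable_entity_loader() itself` would record that contract and discourage anyone from reintroducing a bare `DOMDocument::loadXML($wddx)` here. If `scan()` can return `false` rather than throw on malformed input, the `isset()` on the following line silently evaluates to false and the generic "Can't unserialize" message is used, which is acceptable but worth confirming against the helper. The enclosing method starts and ends outside this hunk, so the code that consumes `$errMsg` is not visible here.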