diff --git a/hibernate-core/src/main/java/org/hibernate/internal/util/xml/XMLHelper.java b/hibernate-core/src/main/java/org/hibernate/internal/util/xml/XMLHelper.java
index 4239bd0ded..03fc9efcc1 100644
--- a/hibernate-core/src/main/java/org/hibernate/internal/util/xml/XMLHelper.java
+++ b/hibernate-core/src/main/java/org/hibernate/internal/util/xml/XMLHelper.java
@@ -59,6 +59,14 @@ public final class XMLHelper {
 
 	public SAXReader createSAXReader(ErrorLogger errorLogger, EntityResolver entityResolver) {
 		SAXReader saxReader = new SAXReader();
+		try {
+			saxReader.setFeature( "http://apache.org/xml/features/nonvalidating/load-external-dtd", false );
+			saxReader.setFeature( "http://xml.org/sax/features/external-general-entities", false );
+			saxReader.setFeature( "http://xml.org/sax/features/external-parameter-entities", false );
+		}
+		catch (Exception e) {
+			throw new RuntimeException( e );
+		}
 		saxReader.setMergeAdjacentText( true );
 		saxReader.setValidation( true );
 		saxReader.setErrorHandler( errorLogger );
diff --git a/hibernate-core/src/test/java/org/hibernate/test/annotations/xml/ejb3/Ejb3XmlTestCase.java b/hibernate-core/src/test/java/org/hibernate/test/annotations/xml/ejb3/Ejb3XmlTestCase.java
index c41b93bd99..3c96ba4df1 100644
--- a/hibernate-core/src/test/java/org/hibernate/test/annotations/xml/ejb3/Ejb3XmlTestCase.java
+++ b/hibernate-core/src/test/java/org/hibernate/test/annotations/xml/ejb3/Ejb3XmlTestCase.java
@@ -64,7 +64,11 @@ abstract class Ejb3XmlTestCase extends BaseUnitTestCase {
 
 	protected XMLContext getContext(InputStream is) throws Exception {
 		XMLContext xmlContext = new XMLContext( BootstrapContextImpl.INSTANCE );
-		Document doc = new SAXReader().read( is );
+		SAXReader reader = new SAXReader();
+		reader.setFeature( "http://apache.org/xml/features/nonvalidating/load-external-dtd", false );
+		reader.setFeature( "http://xml.org/sax/features/external-general-entities", false );
+		reader.setFeature( "http://xml.org/sax/features/external-parameter-entities", false );
+		Document doc = reader.read( is );
 		xmlContext.addDocument( doc );
 		return xmlContext;
 	}
diff --git a/hibernate-spatial/src/test/java/org/hibernate/spatial/testing/TestDataReader.java b/hibernate-spatial/src/test/java/org/hibernate/spatial/testing/TestDataReader.java
index 1ccafdfbb1..989e302471 100644
--- a/hibernate-spatial/src/test/java/org/hibernate/spatial/testing/TestDataReader.java
+++ b/hibernate-spatial/src/test/java/org/hibernate/spatial/testing/TestDataReader.java
@@ -26,10 +26,13 @@ public class TestDataReader {
 		List<TestDataElement> testDataElements = new ArrayList<TestDataElement>();
 		SAXReader reader = new SAXReader();
 		try {
+			reader.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false );
+			reader.setFeature("http://xml.org/sax/features/external-general-entities", false );
+			reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false );
 			Document document = reader.read( getInputStream( fileName ) );
 			addDataElements( document, testDataElements );
 		}
-		catch (DocumentException e) {
+		catch (Exception e) {
 			throw new RuntimeException( e );
 		}
 		return testDataElements;