Full Disclosure mailing list archives
Re: Results of a XSLT fuzzing effort
From: Simeon <simeon () bermuda ch>
Date: Fri, 08 Mar 2013 15:03:24 +0100
+1 Am 08-Mar-2013 11:12, schrieb Nicolas Grégoire:
Hi! I published last week a blog post describing the results of the XSLT fuzzing campaign I did in 2012. Now that most of the discovered vulnerabilities are patched, I've chosen to give away a dozen of PoC regarding Adobe Reader, Microsoft MSXML, Firefox, Webkit, ... Even if you are not in XML technologies, I think that looking at pathological XSLT code may be interesting ;-) The article is there: http://www.agarri.fr/blog/index.html Cheers, Nicolas Grégoire _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Results of a XSLT fuzzing effort Nicolas Grégoire (Mar 08)
- Re: Results of a XSLT fuzzing effort antisnatchor (Mar 08)
- Re: Results of a XSLT fuzzing effort Simeon (Mar 08)