[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Malicious XML
Karl Waclawek writes: > According to James Clark it is a reasonably well known XML > vulnerability. I can e-mail you. I am not sure if I should > post it publicly - any comments on that? [note: I've seen it by private mail] Yes, you should post it publicly, for two reasons: 1. People cannot protect themselves against what they don't know. 2. There's very little XML flowing outside the firewall (virtually nil in Web terms), so there's not much for a script kiddie to attack. I suppose we need to consider XML-aware Web browsers like MSIE, but you hardly need a sophisticated attack to crash those anyway. All the best, DAvid -- David Megginson, david@m..., http://www.megginson.com/
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|