| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 08 Mar 2013 12:39:09 +0000 From: antisnatchor <antisnatchor@...il.com> To: Nicolas Grégoire <nicolas.gregoire@...rri.fr> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Results of a XSLT fuzzing effort Nice one Nick, great job eheh :D Cheers antisnatchor > ------------------------------------------------------------------------ > > Nicolas Grégoire <mailto:nicolas.gregoire@...rri.fr> > March 8, 2013 10:12 AM > > > Hi! > > I published last week a blog post describing the results of the XSLT > fuzzing campaign I did in 2012. Now that most of the discovered > vulnerabilities are patched, I've chosen to give away a dozen of PoC > regarding Adobe Reader, Microsoft MSXML, Firefox, Webkit, ... > > Even if you are not in XML technologies, I think that looking at > pathological XSLT code may be interesting ;-) > > The article is there: http://www.agarri.fr/blog/index.html > > Cheers, > Nicolas Grégoire > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ Content of type "text/html" skipped Download attachment "compose-unknown-contact.jpg" of type "image/jpeg" (770 bytes) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists