Hi!
I published last week a blog
post describing the results of the XSLT
fuzzing campaign I did in
2012. Now that most of the discovered
vulnerabilities are patched,
I've chosen to give away a dozen of PoC
regarding Adobe Reader,
Microsoft MSXML, Firefox, Webkit, ...
Even if you are not in XML
technologies, I think that looking at
pathological XSLT code may be
interesting ;-)
The article is there:
http://www.agarri.fr/blog/index.htmlCheers,
Nicolas Grégoire
_______________________________________________
Full-Disclosure
- We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and
sponsored by Secunia -
http://secunia.com/