Ok, changed it to PDF. Thanks. https://svn.apache.org/repos/asf/incubator/wink/trunk/security/CVE-2010-2245.pdf
mike On Tue, Jul 6, 2010 at 1:59 PM, Jason Dillon <[email protected]> wrote: > The docx format is not very friendly to share these details... PDF, HTML or > even plain text would be much better IMO. > > --jason > > > On Jul 6, 2010, at 9:46 AM, Mike Rheinheimer wrote: > >> The Wink team recently discovered a security issue that may allow an >> attacker to carry out denial of service attacks and to read arbitrary >> files on the file system of the node where Wink runs. Details of the >> vulnerability are described in the following advisory: >> >> https://svn.apache.org/repos/asf/incubator/wink/trunk/security/CVE-2010-2245.docx >> >> This vulnerability may potentially be exploited on any Wink >> installation that receives XML messages from untrusted sources. We >> strongly recommend to all users who manage this type of installation >> to follow the instructions in the above advisory in order to mitigate >> the security risk caused by this vulnerability. >> >> -- The Wink team > >
