[jdom-interest] "It's just XML, what could probably go wrong?"

Olivier Jaquemet olivier.jaquemet at jalios.com
Mon Apr 14 01:06:47 PDT 2014


I forgot to mention my sources, should you want to follow the same 
informations :

https://twitter.com/r_netsec
https://twitter.com/r_netsec/status/454917490447876096
http://www.reddit.com/r/netsec/comments/22u7o4/its_just_xml_what_could_probably_go_wrong/

On 14/04/2014 09:32, Olivier Jaquemet wrote:
> Hello all,
>
> The following article explains many possible attacks against XML 
> parsers available in python, and with some other programming 
> languages, including a quick an partial note regarding Xerces.
> Unfortunately the results on the vulnerability of the Java platform 
> are incomplete, maybe some auditing of the JDom vulnerabilities could 
> be performed based on the initial informations available here...?
>
> Very interesting reading.
>
> Regards,
> Olivier Jaquemet
> _______________________________________________
> To control your jdom-interest membership:
> http://www.jdom.org/mailman/options/jdom-interest/youraddr@yourhost.com
>


More information about the jdom-interest mailing list