Microsoft just released patches MS13-072 and MS13-073 to fix CVE-2013-3159 and CVE-2013-3160 XML External Entities Resolution Vulnerability or XXE OOB issues. Details and tools for this and similar issues can be found at XML Out-Of-Band Data Retrieval Black Hat Talk by Timur Yunusov and Alexey Osipov.
So, hack XML, use XXOETA and be happy.
So, hack XML, use XXOETA and be happy.
No comments:
Post a Comment