[WEB SECURITY] Multi Vendor XML parser DOS Details?

Steven M. Christey coley at linus.mitre.org
Fri Aug 7 14:38:55 EDT 2009


On Fri, 7 Aug 2009, Amit Klein wrote:

> Weird. I thought most parsers already fixed this one after my 2002
> disclosure (http://www.securityfocus.com/archive/1/303509)

Based on what I've seen in CVE over 10 years, only a handful of vendors
actually try to learn from the vulnerabilities in their competitors'
products.

- Steve

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list