Subject: xsl as a hacker's tool
From: "Bryan Rasmussen" <bry@xxxxxxxxxx>
Date: Fri, 12 Apr 2002 14:59:53 +0200
|
anyone read this?
http://www.theregister.co.uk/content/4/24815.html
it says that win-xp on executing a search downloads the following xsls
transform.xsl
balloon.xsl
prevectr.xsl
vector.xsl
boolean.xsl
pretrans.xsl
transform.xsl
why transform is repeated no idea, since I don't have XP can someone who
does send me these or post them or would this be illegal in our present day
world. I'm not gonna do this but it strikes me that bad people could maybe
write an exploit, manage to point the search at their own address instead of
http://sa.windows.com/ and then downloading their own xsls, these xsls would
hold ms namespace extensions and Oh boy!
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
| Current Thread |
|---|
- Re: combine xml files, (continued)
- Ming - Thu, 11 Apr 2002 10:36:04 -0400 (EDT)
- Thomas B. Passin - Thu, 11 Apr 2002 11:04:06 -0400 (EDT)
- Ming - Thu, 11 Apr 2002 12:59:35 -0400 (EDT)
- Thomas B. Passin - Thu, 11 Apr 2002 15:42:41 -0400 (EDT)
- Bryan Rasmussen - Fri, 12 Apr 2002 08:57:13 -0400 (EDT) <=
- Colin Findlay - Fri, 12 Apr 2002 10:17:59 -0400 (EDT)
- Jeni Tennison - Fri, 12 Apr 2002 10:36:34 -0400 (EDT)
- Bryan Rasmussen - Fri, 12 Apr 2002 10:51:23 -0400 (EDT)
- cutlass - Fri, 12 Apr 2002 11:38:42 -0400 (EDT)
|
|
Cart
