[xsl] xsl as a hacker's tool

Subject: [xsl] xsl as a hacker's tool
From: "Bryan Rasmussen" <bry@xxxxxxxxxx>
Date: Fri, 12 Apr 2002 14:59:53 +0200
anyone read this?
http://www.theregister.co.uk/content/4/24815.html

it says that win-xp on executing a search downloads the following xsls

transform.xsl
balloon.xsl
prevectr.xsl
vector.xsl
boolean.xsl
pretrans.xsl
transform.xsl

why transform is repeated no idea, since I don't have XP can someone who
does send me these or post them or would this be illegal in our present day
world. I'm not gonna do this but it strikes me that bad people could maybe
write an exploit, manage to point the search at their own address instead of
http://sa.windows.com/ and then downloading their own xsls, these xsls would
hold ms namespace extensions and Oh boy!


 XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list


Current Thread