Subject: Re: [xsl] xsl as a hacker's tool From: "Colin Findlay" <colin@xxxxxxxxx> Date: Fri, 12 Apr 2002 15:23:02 +0100 |
Why not just download them?? http://sa.windows.com/transform.xsl Col. ----- Original Message ----- From: "Bryan Rasmussen" <bry@xxxxxxxxxx> To: <xsl-list@xxxxxxxxxxxxxxxxxxxxxx> Sent: Friday, April 12, 2002 1:59 PM Subject: [xsl] xsl as a hacker's tool > > anyone read this? > http://www.theregister.co.uk/content/4/24815.html > > it says that win-xp on executing a search downloads the following xsls > > transform.xsl > balloon.xsl > prevectr.xsl > vector.xsl > boolean.xsl > pretrans.xsl > transform.xsl > > why transform is repeated no idea, since I don't have XP can someone who > does send me these or post them or would this be illegal in our present day > world. I'm not gonna do this but it strikes me that bad people could maybe > write an exploit, manage to point the search at their own address instead of > http://sa.windows.com/ and then downloading their own xsls, these xsls would > hold ms namespace extensions and Oh boy! > > > XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
[xsl] xsl as a hacker's tool, Bryan Rasmussen | Thread | Re: [xsl] xsl as a hacker's tool, Jeni Tennison |
Re: [xsl] Query regarding XSL varia, KUMAR NINGASHETTY | Date | Re: [xsl] xsl as a hacker's tool, Jeni Tennison |
Month |