Tuesday, September 10, 2013

XXE OOB strikes back

Microsoft just released patches MS13-072 and MS13-073 to fix CVE-2013-3159 and CVE-2013-3160 XML External Entities Resolution Vulnerability or XXE OOB issues. Details and tools for this and similar issues can be found at XML Out-Of-Band Data Retrieval Black Hat Talk by Timur Yunusov and Alexey Osipov.

So, hack XML, use XXOETA and be happy.


1 comment:

  1. Hello Everybody,
    My name is Mrs Sharon Sim. I live in Singapore and i am a happy woman today? and i told my self that any lender that rescue my family from our poor situation, i will refer any person that is looking for loan to him, he gave me happiness to me and my family, i was in need of a loan of $250,000.00 to start my life all over as i am a single mother with 3 kids I met this honest and GOD fearing man loan lender that help me with a loan of $250,000.00 SG. Dollar, he is a GOD fearing man, if you are in need of loan and you will pay back the loan please contact him tell him that is Mrs Sharon, that refer you to him. contact Dr Purva Pius, call/whats-App Contact Number +918929509036 via email:(urgentloan22@gmail.com) Thank you.

    ReplyDelete