At WebServicesSummit.com we've put a spotlight on
security problems related to processing XML documents and handling XML
messages, such as web services conversations. We've also identified
security issues related to platforms used for developing and/or
deploying XML applications and web services. Some
security flaws exist in core software, such as operating systems, that
can compromise the environment used for running XML-related applications
and services. Developers, network managers and security administrators
need to stay informed about security vulnerabilities of the operating
systems they are using. In general,
WebServicesSummit.com will not attempt to track all of the
vulnerabilities reported for specific operating systems. If there is an
operating system security problem related to XML, or its use for
purposes such as web services, we'll identify that threat in the platform
vulnerabilities section.
The category of XML processing vulnerabilities includes
security holes related to parsing, XSLT processing, encryption or
failure to encrypt, misuse of XML-related parameters or objects, and
handling of XML content.
XML Processing Vulnerabilities
XML Sniffing Vulnerability with JDK 1.4.x
In JDK 1.4.x there is a vulnerability that enables
sniffing of XML data (surreptitiously viewing and recording XML). An
exploit manipulates the XSLT processing classes in the JVM to view XML
data processed by the XSLT processor. Any class in the JVM may sniff all
XML passing through the XSLT processor.
Internet Explorer XML Vulnerability
Internet Explorer may improperly disclose information
because of the way it handles requests for XML content. An attacker
could create a malicious Web page or e-mail and gain information when a
user views it. Exploiting this vulnerability enables an attacker to read
XML data from another Internet Explorer domain.
XML External Entity Vulnerability with Adobe Reader and Acrobat 7.0-7.0.1
Using XML scripts with Adobe Reader and Acrobat 7.0.1, it
is sometimes possible to access local files.
Acrobat Reader 5.1 XML Forms Data Format Buffer Overrun
Adobe Reader 5.1 suffers from a buffer overrun
vulnerability when parsing XML Forms Data Format Files. Rendering the
file will trigger the overflow. An attacker can use an e-mail or web
site to transmit a malicious XFDF file and exploit the vulnerability.
Netscape and Mozilla SOAPParameter Vulnerability
Netscape versions 7.0 and 7.1 and Mozilla 1.6 are
vulnerable to an attack using the SOAPParameter object constructor.
If input to the SOAPParameter object constructor has not been properly
validated, Netscape and Mozilla allow execution of arbitrary code.
The SOAPParameter object constructor allows heap corruption caused by an
integer overflow.
Xerces Attribute Handling Denial of Service
An attacker can craft a malicious XML document whose
attributes trigger a denial of service in the target machine's XML
parser. The result of this attack is that the XML parser consumes all
the CPU.
Microsoft Internet Explorer processing of XML Object Data tags
Due to improper handling of XML Web pages containing
Object Data tags, IE 5.01, 5.5 and 6.0 are vulnerable. Attackers could
execute arbitrary code after the victim browses to a malicious web page
or opens a malicious HTML e-mail.
Microsoft Internet Information Server denial of service due to improper handling of XML
IIS versions 5.0 and 5.1 are vulnerable to a denial of service attack, caused by improper handling of
excessively long WebDAV requests containing XML commands.