[Owasp-ottawa] Our next event: XML Attack Surface

sergei frankoff sergei.frankoff at owasp.org
Wed Jan 9 02:36:39 UTC 2013


Hey Ottawa,

Come join us January 22nd at 6:30pm for a talk about vulnerabilities in XML parsing.

Security vulnerabilities with XML processing can be a real threat to applications, especially when malicious XML can be submitted remotely. Fortunately, these issues can be easily avoided by properly configuring XML parsers.

Several attack types will be presented with a live demo covering the following: Denial of Service, Arbitrary file Content disclosure, and Remote OS command injection. Vulnerabilities caused by misconfiguration of XML parsing, XML transforms and Xpath queries will be investigated and suggestions on how to prevent these type of attacks will be provided with a developer perspective.

You can register for free here (http://xml-attack-surface-owasp-ottawa.eventbrite.com/).


See you there!

Sergei


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-ottawa/attachments/20130108/fec2defd/attachment.html>


More information about the Owasp-ottawa mailing list