> > From: Hubert Chan <hubert@uhoreg.ca> > Subject: Re: scrollkeeper loading external (online) DTD > Date: 10/01/2003 6:33:22 snip > DTDs cannot introduce any vulnerabilities (unless the XML parser is > horribly buggy). The worst that can happen is that the file doesn't > validate, and scrollkeeper complains. snip Is this strictly true? There have been a few articles on bugtraq recently around this kind of thing. One in the area of "bugs", and one around external entities and the potential for a "rogue" DTD to specify bad URIs. In particular an external reference might cause a parser to open a connection to a site that the user would not wish. Alternately, an entity reference might translate to some form of control string for the application that is later using the parsed XML. And even if the only concern is around bugs, surely experience would indicate that given the growing use of XML parsers in a wide range of applications, we should be careful of all input? External Entities : http://online.securityfocus.com/archive/1/297714 and DTD DoS bug : http://www.macromedia.com/v1/handlers/index.cfm?ID=23559 (Doesn't say much). This message was sent through MyMail http://www.mymail.com.au
Attachment:
replyAll
Description: PGP signature