XML and SOAP attacks

In 2002-2003 I researched the security of XML (including XPath) and SOAP formats.

The research resulted in the following:



Blind XPath Injection, (May 2004)



BugTraq BID 11384, CVE-2003-0718, Microsoft security bulletin MS04-030

Products affected: Microsoft IIS/5.0, IIS/5.1 and IIS/6.0


BugTraq BID 11312, CVE-2004-1575

Products affected: Apache Xerces-C++ 2.5.0


BugTraq BID 9877CVE-2004-1815, CVE-2004-1816

Products affected: Macromedia ColdFusion/MX, Macromedia JRun, Sun Java System Application Server


BugTraq BID 9204

Products affected: IBM WebSphere 5.0.0, Microsoft ASP.NET


BugTraq BID 9185

Products affected: Microsoft ASP.NET, IBM WebSphere, Macromedia ColdFusion/MX, Macromedia JRun


BugTraq BID 6398, BugTraq BID 6378, BugTraq BID 6363, BugTraq BID 9703, CVE-2004-2244

Affected products: Apache Axis, IBM WebSphere, BEA WebLogic, Sun Microsystems SunONE WebServer, Sybase EAServer, Macromedia ColdFusion/MX, Macromedia JRun, HP server, Oracle 9iAS