76

XML Amsterdam 2012 / Security Implications of XML Processing

Download PDF Report

Upload
nicolasgregoire
View
1.178
Download
2

Embed Size (px)

DESCRIPTION

Content: - Hiding malicious PDF inside XDP - DoS attacks: 10^9 LOL, xsl:number, hash collision - XML External Entites attacks - Abuse of XSLT legitimate features - Fuzzing of XSLT processors

Citation preview

Page 1: XML Amsterdam 2012 / Security Implications of XML Processing

Page 2: XML Amsterdam 2012 / Security Implications of XML Processing

Page 3: XML Amsterdam 2012 / Security Implications of XML Processing

Page 4: XML Amsterdam 2012 / Security Implications of XML Processing

Page 5: XML Amsterdam 2012 / Security Implications of XML Processing

Page 6: XML Amsterdam 2012 / Security Implications of XML Processing

Page 7: XML Amsterdam 2012 / Security Implications of XML Processing

Page 8: XML Amsterdam 2012 / Security Implications of XML Processing

Page 9: XML Amsterdam 2012 / Security Implications of XML Processing

Page 10: XML Amsterdam 2012 / Security Implications of XML Processing

Page 11: XML Amsterdam 2012 / Security Implications of XML Processing

Page 12: XML Amsterdam 2012 / Security Implications of XML Processing

Page 13: XML Amsterdam 2012 / Security Implications of XML Processing

Page 14: XML Amsterdam 2012 / Security Implications of XML Processing

Page 15: XML Amsterdam 2012 / Security Implications of XML Processing

Page 16: XML Amsterdam 2012 / Security Implications of XML Processing

Page 17: XML Amsterdam 2012 / Security Implications of XML Processing

Page 18: XML Amsterdam 2012 / Security Implications of XML Processing

Page 19: XML Amsterdam 2012 / Security Implications of XML Processing

Page 20: XML Amsterdam 2012 / Security Implications of XML Processing

Page 21: XML Amsterdam 2012 / Security Implications of XML Processing

Page 22: XML Amsterdam 2012 / Security Implications of XML Processing

Page 23: XML Amsterdam 2012 / Security Implications of XML Processing

Page 24: XML Amsterdam 2012 / Security Implications of XML Processing

Page 25: XML Amsterdam 2012 / Security Implications of XML Processing

Page 26: XML Amsterdam 2012 / Security Implications of XML Processing

Page 27: XML Amsterdam 2012 / Security Implications of XML Processing

Page 28: XML Amsterdam 2012 / Security Implications of XML Processing

Page 29: XML Amsterdam 2012 / Security Implications of XML Processing

Page 30: XML Amsterdam 2012 / Security Implications of XML Processing

Page 31: XML Amsterdam 2012 / Security Implications of XML Processing

Page 32: XML Amsterdam 2012 / Security Implications of XML Processing

Page 33: XML Amsterdam 2012 / Security Implications of XML Processing

Page 34: XML Amsterdam 2012 / Security Implications of XML Processing

Page 35: XML Amsterdam 2012 / Security Implications of XML Processing

Page 36: XML Amsterdam 2012 / Security Implications of XML Processing

Page 37: XML Amsterdam 2012 / Security Implications of XML Processing

Page 38: XML Amsterdam 2012 / Security Implications of XML Processing

Page 39: XML Amsterdam 2012 / Security Implications of XML Processing

Page 40: XML Amsterdam 2012 / Security Implications of XML Processing

Page 41: XML Amsterdam 2012 / Security Implications of XML Processing

Page 42: XML Amsterdam 2012 / Security Implications of XML Processing

Page 43: XML Amsterdam 2012 / Security Implications of XML Processing

Page 44: XML Amsterdam 2012 / Security Implications of XML Processing

Page 45: XML Amsterdam 2012 / Security Implications of XML Processing

Page 46: XML Amsterdam 2012 / Security Implications of XML Processing

Page 47: XML Amsterdam 2012 / Security Implications of XML Processing

Page 48: XML Amsterdam 2012 / Security Implications of XML Processing

Page 49: XML Amsterdam 2012 / Security Implications of XML Processing

Page 50: XML Amsterdam 2012 / Security Implications of XML Processing

Page 51: XML Amsterdam 2012 / Security Implications of XML Processing

Page 52: XML Amsterdam 2012 / Security Implications of XML Processing

Page 53: XML Amsterdam 2012 / Security Implications of XML Processing

Page 54: XML Amsterdam 2012 / Security Implications of XML Processing

Page 55: XML Amsterdam 2012 / Security Implications of XML Processing

Page 56: XML Amsterdam 2012 / Security Implications of XML Processing

Page 57: XML Amsterdam 2012 / Security Implications of XML Processing

Page 58: XML Amsterdam 2012 / Security Implications of XML Processing

Page 59: XML Amsterdam 2012 / Security Implications of XML Processing

Page 60: XML Amsterdam 2012 / Security Implications of XML Processing

Page 61: XML Amsterdam 2012 / Security Implications of XML Processing

Page 62: XML Amsterdam 2012 / Security Implications of XML Processing

Page 63: XML Amsterdam 2012 / Security Implications of XML Processing

Page 64: XML Amsterdam 2012 / Security Implications of XML Processing

Page 65: XML Amsterdam 2012 / Security Implications of XML Processing

Page 66: XML Amsterdam 2012 / Security Implications of XML Processing

Page 67: XML Amsterdam 2012 / Security Implications of XML Processing

Page 68: XML Amsterdam 2012 / Security Implications of XML Processing

Page 69: XML Amsterdam 2012 / Security Implications of XML Processing

Page 70: XML Amsterdam 2012 / Security Implications of XML Processing

Page 71: XML Amsterdam 2012 / Security Implications of XML Processing

Page 72: XML Amsterdam 2012 / Security Implications of XML Processing

Page 73: XML Amsterdam 2012 / Security Implications of XML Processing

Page 74: XML Amsterdam 2012 / Security Implications of XML Processing

Page 75: XML Amsterdam 2012 / Security Implications of XML Processing

Page 76: XML Amsterdam 2012 / Security Implications of XML Processing

D a...Amsterdam Sloterdijk Amsterdam Centraal Amsterdam Centraal Amsterdam Amstel Schiphol Airport Amsterdam Zuid Amsterdam Bijlmer ArenA Utrecht Centraal Driebergen-Zeist …

D a...Amsterdam Sloterdijk Amsterdam Centraal Amsterdam Centraal Amsterdam Amstel Schiphol Airport Amsterdam Zuid Amsterdam Bijlmer ArenA Utrecht Centraal Driebergen-Zeist …

Documents

DISTRIBUTIONAL IMPLICATIONS OF A CARBON TAX...DISTRIBUTIONAL IMPLICATIONS OF A CARBON TAX 1255 Amsterdam Ave New York NY 10027 @ColumbiaUenergy BY JOSEPH ROSENBERG, ERIC TODER, AND

DISTRIBUTIONAL IMPLICATIONS OF A CARBON TAX...DISTRIBUTIONAL IMPLICATIONS OF A CARBON TAX 1255 Amsterdam Ave New York NY 10027 @ColumbiaUenergy BY JOSEPH ROSENBERG, ERIC TODER, AND

Documents

XML eXtensible Markup Language. Topics What is XML An XML example Why is XML important XML introduction XML applications XML support CSEB

XML eXtensible Markup Language. Topics What is XML An XML example Why is XML important XML introduction XML applications XML support CSEB

Documents

Plan Amsterdam - Metropoolregio Amsterdam

Plan Amsterdam - Metropoolregio Amsterdam

Documents

Introduction to XML - KTH to XML XML Document Type Deﬁnition, DTD XML Namespaces XML Schema XML Processors Other XML Standards Section XML …

Introduction to XML - KTH to XML XML Document Type Deﬁnition, DTD XML Namespaces XML Schema XML Processors Other XML Standards Section XML …

Documents

XML databases xml-db XML databases

XML databases xml-db XML databases

Documents

VU University Amsterdam University of Amsterdam · extensive support for managing HTML/SGML/XML and RDF documents. The system is particularly suited for server applications due to

VU University Amsterdam University of Amsterdam · extensive support for managing HTML/SGML/XML and RDF documents. The system is particularly suited for server applications due to

Documents

Prepared by...Unit – II: XML Introduction to XML: What is XML, XML verses HTML, XML terminology, XML standards, XML syntax checking, The idea of mark-up, XML Structure, Organizing

Prepared by...Unit – II: XML Introduction to XML: What is XML, XML verses HTML, XML terminology, XML standards, XML syntax checking, The idea of mark-up, XML Structure, Organizing

Documents

XML Ahmet Şentürk CmpE-587. Content XML XML Syntax XML Core Technologies WebDAV XML Web Services

XML Ahmet Şentürk CmpE-587. Content XML XML Syntax XML Core Technologies WebDAV XML Web Services

Documents

XML and Web Technologies XML Amsterdam 20111026

XML and Web Technologies XML Amsterdam 20111026

Documents

1 Les technologies XML Cours 1.2 : Introduction au langage XML (XML, DTD, XML-Schema) (XML, DTD, XML-Schema) Janvier 2009

1 Les technologies XML Cours 1.2 : Introduction au langage XML (XML, DTD, XML-Schema) (XML, DTD, XML-Schema) Janvier 2009

Documents

기존 마크업 언어와 XML XML 필요성과 적용 분야 XML 관련 표준 XML 사용 환경 XML 개발 환경 [ 실습 ] 간단한 XML 문서 작성

기존 마크업 언어와 XML XML 필요성과 적용 분야 XML 관련 표준 XML 사용 환경 XML 개발 환경 [ 실습 ] 간단한 XML 문서 작성

Documents

Wednesday 26th October 2011 Web Applications and XML ...adamretter.org.uk/presentations/xml-and-web-technologies_xml-amst… · info@existsolutions.com / #existdb / XML Amsterdam

Wednesday 26th October 2011 Web Applications and XML ...adamretter.org.uk/presentations/xml-and-web-technologies_xml-amst… · [email protected] / #existdb / XML Amsterdam

Documents

Major Enhancements - Vrije Universiteit Amsterdam · Major Enhancements for 2008 • Dynamic-capacity tables ... • Based on COBOL file handling syntax • Open, read and write XML

Major Enhancements - Vrije Universiteit Amsterdam · Major Enhancements for 2008 • Dynamic-capacity tables ... • Based on COBOL file handling syntax • Open, read and write XML

Documents

Club of Amsterdam Tourism/Marc_Bolick… · – Mash ups – Tagging – Communities, Tribes – Technologies (Ajax, web services, XML, etc.) Gusto grabber here. Security – CCTV

Club of Amsterdam Tourism/Marc_Bolick… · – Mash ups – Tagging – Communities, Tribes – Technologies (Ajax, web services, XML, etc.) Gusto grabber here. Security – CCTV

Documents

XML: Extending the Enterprise - Pearson Education · XML: Extending the Enterprise Extensible Markup Language (XML) is a simple data description language with profound implications

XML: Extending the Enterprise - Pearson Education · XML: Extending the Enterprise Extensible Markup Language (XML) is a simple data description language with profound implications

Documents

ASHIMA KALRA INTRODUCTION OF XML INTRODUCTION OF XML XML FEATURES XML FEATURES XML SYNTAX XML SYNTAX XML ELEMENTS XML ELEMENTS XML ATTRIBUTES

ASHIMA KALRA INTRODUCTION OF XML INTRODUCTION OF XML XML FEATURES XML FEATURES XML SYNTAX XML SYNTAX XML ELEMENTS XML ELEMENTS XML ATTRIBUTES

Documents

Amsterdam Gezi Rehberi / Amsterdam Guide

Amsterdam Gezi Rehberi / Amsterdam Guide

Documents

The Semantic Blessings of XSLT Diederik Gerth van Wijk dg@doxatrix.nl XML Holland 2008 Planetarium Gaasperplas, Amsterdam, 20 november DOXATRIX

The Semantic Blessings of XSLT Diederik Gerth van Wijk [email protected] XML Holland 2008 Planetarium Gaasperplas, Amsterdam, 20 november DOXATRIX

Documents

XML -- Extensible Markup Language - techfak.uni-bielefeld.dejoern/edu/xml/xmlpraxis/xml1-print.pdf · XML transformieren XML XML XSLT XSLT-Prozessor XSLT XSLT-Prozessor XML XML-Praxis

XML -- Extensible Markup Language - techfak.uni-bielefeld.dejoern/edu/xml/xmlpraxis/xml1-print.pdf · XML transformieren XML XML XSLT XSLT-Prozessor XSLT XSLT-Prozessor XML XML-Praxis

Documents

XML Amsterdam 2012 Keynote

XML Amsterdam 2012 Keynote

Technology

Strategic Implications of XML for your Publishing Business

Strategic Implications of XML for your Publishing Business

Technology

SDPL 20112: XML Basics1 2 Basics of XML and XML documents Survivor's Guide to XML, or XML for Computer Scientists / Dummies 2.1 XML and XML documents 2.2

SDPL 20112: XML Basics1 2 Basics of XML and XML documents Survivor's Guide to XML, or XML for Computer Scientists / Dummies 2.1 XML and XML documents 2.2

Documents

The XML Standard Overview of our XML Standards Motivation: HTML vs XML XML 101: syntax, elements, attributes, DTDs, … XML 201: XML Schema, Namespaces

The XML Standard Overview of our XML Standards Motivation: HTML vs XML XML 101: syntax, elements, attributes, DTDs, … XML 201: XML Schema, Namespaces

Documents

Introduction to XML History of XML Advantages of XML Syntax and structure of XML Rules of well formed XML document Components of XML XML Basics

Introduction to XML History of XML Advantages of XML Syntax and structure of XML Rules of well formed XML document Components of XML XML Basics

Documents

R. Winkels Comparing XML standards Alexander Boer Leibniz Center for Law University of Amsterdam

R. Winkels Comparing XML standards Alexander Boer Leibniz Center for Law University of Amsterdam

Documents

XML XML Web Applications 1. XML – XML is not…. 2. Basic XML Concepts 3. Defining XML Data Formats 4. Querying XML Data

XML XML Web Applications 1. XML – XML is not…. 2. Basic XML Concepts 3. Defining XML Data Formats 4. Querying XML Data

Documents

Research Infrastructures: Characteristics and Implications Wouter Los University of Amsterdam & LifeWatch research infrastructure RAMIRI2 Prague 2012

Research Infrastructures: Characteristics and Implications Wouter Los University of Amsterdam & LifeWatch research infrastructure RAMIRI2 Prague 2012

Documents

ART DECOR: an XML framework for medical metadata Marc de Graauw XML Amsterdam 2013

ART DECOR: an XML framework for medical metadata Marc de Graauw XML Amsterdam 2013

Documents

Amsterdam Dunes, Source for Nature expertmeeting... · Amsterdam Dunes, Source for Nature Report on the LIFE+ Project Expert meeting 5 2. Nitrogen deposition and its implications

Amsterdam Dunes, Source for Nature expertmeeting... · Amsterdam Dunes, Source for Nature Report on the LIFE+ Project Expert meeting 5 2. Nitrogen deposition and its implications

Documents