Missing XML Validation

index developmental dysplasia of the hip asian wedding exhibition wembley 2005 automotive battery battery.familytimes.info eurasia restaurant decatur asian ts pics map auto battery charger portable antivirus internet worm protection signature updates asian tsunami epicentre how to completely remove norton antivirus 2004 south africa crime rate african american gold medal african lion hunting videos http top norton antivirus update files norton antivirus update crack cervical hyperplasia asquared antivirus antivirus realtime protection failed to load agrisoft antivirus automobile convertible teaching hospitals australia catholic womens league of australia inc 2005 budget speech south africa top dogon mali africa white pages phone directory australia s africa v england 5th test semantic antivirus software the east asian crisis ciliated cell metaplasia dr solomons antivirus toolkit youth hostel australia african american woman in business dvd stores australia recipe african black soap hot asian poverty eradication in africa top african american poem asian xoxo african themed weddings adware antivirus free moors of africa latter day saints australia economic outlook 2005 australia

Last revision (mm/dd/yy): //

Vulnerabilities Table of Contents

Description
Failure to enable validation when parsing XML gives an attacker the opportunity to supply malicious input.

Most successful attacks begin with a violation of the programmer's assumptions. By accepting an XML document without validating it against a DTD or XML schema, the programmer leaves a door open for attackers to provide unexpected, unreasonable, or malicious input. It is not possible for an XML parser to validate all aspects of a document's content; a parser cannot understand the complete semantics of the data. However, a parser can do a complete and thorough job of checking the document's structure and therefore guarantee to the code that processes the document that the content is well-formed.

Risk Factors

 * Talk about the factors that make this vulnerability likely or unlikely to actually happen
 * Discuss the technical impact of a successful exploit of this vulnerability
 * Consider the likely [business impacts] of a successful attack

Short example name

 * A short example description, small picture, or sample code with links

Short example name

 * A short example description, small picture, or sample code with links

Related Attacks

 * Attack 1
 * Attack 2

Related Vulnerabilities

 * Vulnerability 1
 * Vulnerabiltiy 2

Related Controls

 * Category:Input Validation

Related Technical Impacts

 * Technical Impact 1
 * Technical Impact 2