Testing for Naughty SOAP Attachments (OWASP-WS-006)

Brief Summary
An attacker can craft an XML document to send to a web service that contains malware as attachments. Testing to ensure the Web Service host inspects SOAP attachments should be included in the web application testing plan.

Description of the Issue
2) general malware (Viruses and Trojans) that can be included as binary attachments that are processed on the host machine,

Black Box testing and example
Testing for Topic X vulnerabilities: ... Result Expected: ...

Gray Box testing and example
Testing for Topic X vulnerabilities: ... Result Expected: ...