Applications

Version 12.1 by Nicolas Gregoire on 2012/01/13 14:59

Browsers

Webkit-based : libxslt

  • Todo :  CVE-2011-1774 = libxslt / Webkit exploit tested on Windows, Linux, iOS and webOS.

Firefox : Transformiix

Opera : Presto

Internet Explorer : MS XML

Web (server side)

ApplicationXSLT Engine Vulnerabilities
LiferayXalan-J File disclosure, code execution
PHP 5libxsltFile creation
Sharepoint MS XML File disclosure
DotNetNukeMS XML File disclosure 

Online services

W3C XSLT Gateway : Saxon
Online Toolz : libxslt
Shell Tools : libxslt
XSLT Java applet : XSLTC from Xalan-J

Office software

Adobe Reader : Sablotron

OpenOffice : libxslt

Lifera : libxslt (RSS reader embedding Webkit)

ApplicationXSLT Engine Vulnerabilities
LiferayXalan-J File disclosure, code execution
PHP 5libxsltFile creation
Sharepoint MS XML File disclosure
DotNetNukeMS XML File disclosure 

Security

xmlsec : libxslt

Lasso : libxslt

ApplicationXSLT Engine Vulnerabilities
LiferayXalan-J File disclosure, code execution
PHP 5libxsltFile creation
Sharepoint MS XML File disclosure
DotNetNukeMS XML File disclosure