You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
soap
About this tag
The SOAP tag on WindowsForum.com covers security vulnerabilities and practical issues related to the SOAP protocol in various environments. Discussions include CVE-2025-6491, a NULL pointer dereference in the PHP SOAP extension triggered by oversized XML namespace prefixes, and SOAPwn, a .NET SOAP WSDL flaw enabling file writes and remote code execution. The tag also features SoaPy, a tool for Active Directory enumeration via ADWS, and historical SharePoint vulnerabilities involving crafted SOAP requests. Additionally, users troubleshoot SOAP header issues in .NET web services on Windows 7. These threads highlight SOAP's role in both enterprise integration and security research.
The PHP ecosystem suffered a practical and easily-triggered availability bug when researchers disclosed CVE-2025-6491: a NULL pointer dereference in the PHP SOAP extension caused by an oversized XML namespace prefix. The defect is not a subtle compiler edge case — it is reliably reproducible...
Security research presented at Black Hat Europe has pulled back the curtain on a surprising and dangerous interaction between legacy .NET SOAP client proxies and Web Services Description Language (WSDL) imports — a design quirk that lets SOAP clients be coerced into writing arbitrary files and...
In an era where cybersecurity demands ever-more sophisticated tools and methods, a recent breakthrough in Active Directory enumeration has emerged from the research labs of IBM X-Force Red. The innovative tool, SoaPy, demonstrates a stealthy approach to gathering Active Directory data through...
Severity Rating: Important - Revision Note: V1.0 (December 14, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft SharePoint. The vulnerability could allow remote code execution in the security context of a guest user if an attacker...
Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability in Microsoft SharePoint. The vulnerability could allow remote code execution in the security context of a guest user if an attacker sent a specially crafted SOAP request to the Document...
I'm running into a strange problem. I have a simple C# console app that calls an external web service referenced within my VS 2008 .NET solution. The web service is defined as a service reference, per the vendor. The service requires login credentials to be sent as part of the SOAP header...