On Thu, Feb 21, 2013 at 9:23 AM, Stephen J. Turnbull <stephen@xemacs.org> wrote:
Jesse Noller writes:

 > I guess someone needs to write a proof of concept exploit for you
 > and release it into the wild.

This is a bit ridiculous.  This stuff looks easy enough that surely
Christian's post informed any malicious body who didn't already know
how to do it.  If the exploit matters, it's already in the wild.
("Hey, didja know that an XML processor that expands entities does so
recursively?"  "Uh-oh ....")


Just to clarify for my own curiosity. These attacks (e.g. http://en.wikipedia.org/wiki/Billion_laughs) have been known and public since 2003?

Eli