Jesse Noller writes:This is a bit ridiculous. This stuff looks easy enough that surely
> I guess someone need to write a proof of concept exploit for you
> and release it into the wild.
Christian's post informed any malicious body who didn't already know
how to do it. If the exploit matters, it's already in the wild.
("Hey, didja know that an XML processor that expands entities does so
recursively?" "Uh-oh ....")