Security Hero Rotating Header Image

quotMIMEContent-Type-Sniffingquot Issues in Image Uploads in Forum Scripts

Survey: quotMIMEContent-Type-Sniffingquot Issues in Image Uploads in Forum Scripts

Posted by Jacques Copeau on May 28

Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts
Author: Jacques Copeau

Abstract
====================================================
Internet Explorer, especially versions 7 and 6, can be tricked to treat images
as html, opening XSS vulnerabilities in…

URL: http://seclists.org/fulldisclosure/2009/May/0255.html

Leave a Reply

Powered by WP Hashcash

Spam Protection by WP-SpamFree

Bad Behavior has blocked 385 access attempts in the last 7 days.