Survey: quotMIMEContent-Type-Sniffingquot Issues in Image Uploads in Forum Scripts
Posted by Jacques Copeau on May 28
Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts
Author: Jacques Copeau
Abstract
====================================================
Internet Explorer, especially versions 7 and 6, can be tricked to treat images
as html, opening XSS vulnerabilities in…