Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Critical PHP bug - act ASAP if you are running web with sensitive data
From: Moriyoshi Koizumi <moriyoshi () at wakwak com>
Date: Thu, 06 Apr 2006 09:58:41 +0900

Peter Conrad wrote:

Hi,

On Mon, Apr 03, 2006 at 11:06:01PM +0900, Moriyoshi Koizumi wrote:
While this is not part of the HTML / HTTP standards, major browsers around try to send such characters in the user input as HTML entities that cannot
all be represented in the encoding of the originating HTML page

out of curiosity: can you give an example for that behaviour? I've
never seen it.
http://www.voltex.jp/~moriyoshi/test/demo.php

Moriyoshi

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]