|
WebApp Sec
mailing list archives
Re: Universal PDF XSS Remediation (Fix)
From: "Amit Klein" <aksecurity () gmail com>
Date: Thu, 15 Feb 2007 08:46:44 +0200
Please see
http://www.owasp.org/index.php/Talk:PDF_Attack_Filter_for_Java_EE, where
OWASP states: "Absolutely - fixed", which is simply wrong.
You completely misinterpreted the statement in OWASP's page here!
The full text there is:
Should this page be in the Countermeasures category and have a link
off of https://www.owasp.org/index.php/Category:Countermeasure?
Absolutely - fixed
The "fix" then relates not to the solution, but to the position of
this page in the OWASP website...
-Amit
-------------------------------------------------------------------------
Sponsored by: Watchfire
As web applications become increasingly complex, tremendous amounts of
sensitive data - personal, medical and financial - are exchanged, and
stored. Consumers expect and demand security for this information. This
whitepaper examines a few vulnerability detection methods - specifically
comparing and contrasting manual penetration testing with automated
scanning tools. Download "Automated Scanning or Manual Penetration
Testing?" today!
https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fH6
--------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
