Re: [Full-Disclosure] Insufficient input checking on web site allows dangerous HTML TAGS

From: Michal Zalewski (lcamtufat_private)
Date: Thu Jul 31 2003 - 15:41:47 PDT

Next message: Tri Huynh: "[Full-Disclosure] RAV ActiveX Buffer overflow in ravupdt.dll file"

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 31 Jul 2003, Michael Scheidell wrote:

> Severity: Serious
> Category: Arbitrary Execution of HTML of Hackers Choice

HTML gets executed nowadays?

-- 
------------------------- bash$ :(){ :|:&};: --
 Michal Zalewski * [http://lcamtuf.coredump.cx]
    Did you know that clones never use mirrors?
--------------------------- 2003-08-01 00:40 --

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Tri Huynh: "[Full-Disclosure] RAV ActiveX Buffer overflow in ravupdt.dll file"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 31 2003 - 16:20:30 PDT