Re: [PHP] Check RAW data

Date: Sun, 20 Apr 2008 21:07:42 +0100
From: Richard Heyes <richardh@xxxxxxxxxxx>
Subject: Re: [PHP] Check RAW data

I mean, if you already specified it as a PNG image with header(), how
do you execute Javascript/malicious code, as the browser will render
it as a PNG?

Malicious code can still be embedded in images. The vulnerabilities ISTRare in Windows image handling libraries. I assume they've been fixed nowthough because it was some time ago. But that doesn't mean to say morewon't be found.


--
Richard Heyes

+----------------------------------------+
| Access SSH with a Windows mapped drive |
|    http://www.phpguru.org/sftpdrive    |
+----------------------------------------+

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Follow-Ups:
- Re: [PHP] Check RAW data
  - From: rb
- Re: [PHP] Check RAW data
  - From: Nitsan Bin-Nun

References:
- [PHP] Check RAW data
  - From: rb
- Re: [PHP] Check RAW data
  - From: Jason Norwood-Young
- Re: [PHP] Check RAW data
  - From: Regular email

Prev by Date: Re: [PHP] Check RAW data
Next by Date: Re: [PHP] Cron php & refresh
Previous by thread: Re: [PHP] Check RAW data
Next by thread: Re: [PHP] Check RAW data
Index(es):
- Date
- Thread

lists-archives.org

Re: [PHP] Check RAW data