BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Apache Server HTML Injection and UTF-7 XSS Vulnerability May 17 2008 10:10PM
William A. Rowe, Jr. (wrowe rowe-clan net)
yos20053 (at) gmail (dot) com [email concealed] wrote:
> Dear Bill From Apache
>
> I think that you didn't understand this vulnerability properly.

We understand it quite well; we simply disagree on the context of which
is vulnerable, the Apache server which holds to RFC2616, or IE (and Firefox
apparently in some cases) which ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus