Simple Machines Forum 'image/bmp' MIME Type HTML Injection Vulnerability

Simple Machines Forum 'image/bmp' MIME Type HTML Injection Vulnerability

References:

Simple Machines SMF Homepage (Simple Machines)
SMF 1.1.9 and 2.0 RC1-1 released (Simple Machines)
Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts (Jacques Copeau )

Privacy Statement
Copyright 2010, SecurityFocus