info
discussion
exploit
solution
references
PHP 'htmlspecialcharacters()' Malformed Multibyte Character Cross Site Scripting Vulnerability
References:
PHP 5.2.12 ChangeLog
(PHP)
PHP 5.2.12 Release Announcement
(PHP)
PHP Bugs: #49785: htmlspecialchars() should check byte sequence more strictly
(hello at iwamot dot com)
PHP Homepage
(PHP)
Shift_JIS in, htmlspecialchars () but using XSS that can sometimes
(t_komura)
ASA-2010-015 php security update (RHSA-2010-0040)
(Avaya)
Ubuntu Security Notice USN-882-1
(Ubuntu)
Privacy Statement
Copyright 2010, SecurityFocus
