BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
PHP "multipart/form-data" denial of service Nov 20 2009 12:01PM
Bogdan Calin (bogdan acunetix com)
Description
------------
PHP version 5.3.1 was just released. This release contains a patch for a
denial of service condition we've reported on 27 October 2009. The
problem is related with PHP's handling of RFC 1867 (Form-based File
Upload in HTML).

When you send a POST request to a PHP script with...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus