PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability

PHP is prone to a vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue can allow attackers to provide unexpected input and possibly bypass input-validation protection mechanisms. This can aid in further attacks that may utilize crafted user-supplied input.

Versions prior to PHP 5.3.4 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus