Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Improper Character Handling In PHP BasedScriptslike PhpBB, IPB etc.

From: Disco Jonny <discojonny () gmail com>
Date: Tue, 24 Jan 2006 11:33:44 +0000
Hi,

I dont get a crash, Win2k Mozilla/5.0 (Windows; U; Windows NT 5.0;
en-GB; rv:1.7.12) Gecko/20050919 Firefox/1.0.7

However,

If i paste into the google toolbar that comes with firefox then both
the -- are removed.  when I paste a second time it happens the same

as in
--test then paste again --test
displays
testtest

If i then highlight this and delete it i am still left with the word
test.  It would seem that the - symbols get reinterpreted into acsii
(cause there is 4 of them the word test reappears)

If i do exactly the same with the seach box on www.google.co.uk then i
get 1 minus sign in the box and when i highlight and delete all i get
'st' ( leading me to believe its the - symbols)

dont know if this helps

Cheers.

dj

On 24/01/06, Edward Pearson <Ed () unityitservices co uk> wrote:


Ok,
I can reproduce it, try pasting the two chars in question into ANY textbox
in FF 1.5 twice, Please inform me if you get a crash.

  *Edward Pearson - IT Engineer*
t:  0870 851 8188
f:  0870 851 8198
m: 07729 155751
w: www.unityitservices.co.uk  9 Fishers Estate | Wiggenhall Road | Watford
| Hertfordshire | WD18 0FN







Support Contracts Software Solutions Broadband Disaster Recovery
Hardware Sales Hosting Services Database Development Network Installations



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: