Month of PHP Bugs – Day 9

Day 9 of the PHP month of the bugs brings a vulnerability which involves POST data in the FDF format. I’m just wondering if Stefan Esser’s commitment to release at least one PHO bug a day will last until March 31. Anyway, here is number 17 :

  1. PHP ext/filter FDF Post Bypass Vulnerability POST data in the FDF format is not processed at all by ext/filter. When PHP is compiled with FDF support, sitewide enforced filtering will not be performed on it.




Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback. Print This Post Print This Post


Subscribe without commenting


Leave a Reply

Note: Any comments are permitted only because the site owner is letting you post, and any comments will be removed for any reason at the absolute discretion of the site owner.

CommentLuv badge