[ic] Security Problem in Interchange
Grant
emailgrant123b at yahoo.com
Mon Mar 29 20:06:59 EST 2004
--- Jon Jensen <jon at endpoint.com> wrote:
> On Mon, 29 Mar 2004, Grant wrote:
>
> > So I am safe without the patch if I don't use
> > @@MV_PREV_PAGE@@ and [subject] at all?
>
> At least for the particular exploit that has been
> discussed. It's possible
> there are other pages that use @@MV_PREV_PAGE@@ or
> [subject] that could be
> vulnerable, and protecting against the unknown is
> what the patch is good
> for. But for a quick fix against this particular
> problem, yes, scrubbing
> special_pages/missing.html seems to do the trick.
>
> Jon
Sounds good. Thanks Jon.
- Grant
__________________________________
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
http://taxes.yahoo.com/filing.html
More information about the interchange-users
mailing list