[ic] Security Problem in Interchange
emailgrant123b at yahoo.com
Mon Mar 29 20:06:59 EST 2004
--- Jon Jensen <jon at endpoint.com> wrote:
> On Mon, 29 Mar 2004, Grant wrote:
> > So I am safe without the patch if I don't use
> > @@MV_PREV_PAGE@@ and [subject] at all?
> At least for the particular exploit that has been
> discussed. It's possible
> there are other pages that use @@MV_PREV_PAGE@@ or
> [subject] that could be
> vulnerable, and protecting against the unknown is
> what the patch is good
> for. But for a quick fix against this particular
> problem, yes, scrubbing
> special_pages/missing.html seems to do the trick.
Sounds good. Thanks Jon.
Do you Yahoo!?
Yahoo! Finance Tax Center - File online. File on time.
More information about the interchange-users