[Esa-l] Mangle IMG tags
Brett Glass
brett at lariat.org
Fri Oct 6 04:37:39 PDT 2000
At 05:08 AM 10/6/2000, Administrador da Rede wrote:
>What I'd like to know is if it's possible to mangle the IMG tag only
>when they are retrieved from another server, I noticed the WEBBUG
>option but that cuts out even attached IMGs.
Ironically, attached IMGs can be dangerous too. Bugtraq has mentioned
exploits that work via buffer overflows, etc. caused by malformed
image files. The image file triggers a bug in the renderer....
--Brett
More information about the esd-l
mailing list