Originally Published: Wednesday, 6 October 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

Netscape parsing vulnerability

"Seems that at least some Unix versions of Netscape treat characters 0x8b and 0x9b (NOT the strings "0x8b" and "0x9b" but the characters with these ascii values) just like < and > respectively... I've tested this on Linux with Netscape versions 4.51 and 4.7;" [from BugTraq]