[Full-disclosure] XSS with UTF-7 in Google

2007-12-27 Thread HASEGAWA Yosuke
XSS with UTF-7 in Google

XSS with UTF-7 was found in www.google.com (already fixed). Although charset was specified in the HTTP response header, the charset-name was incorrect, so XSS occurred.

PoC: http://www.google.com/search?hl=enoe=cp932q=%2BADw-script%2BAD4-alert(

[Full-disclosure] XSS with UTF-7 in yahoo.com

2007-11-25 Thread HASEGAWA Yosuke
- Idiomatic expression of EUC-JP
jis - Idiomatic expression of ISO-2022-JP
MS932 / MS932 / CP942C - Comparable encodings to Shift_JIS on Java
Windows-31J - IANA registered name for Codepage 932, but not registered in Windows.

Status: Nov 16 2007 reported to Yahoo and was fixed immediately.

-- HASEGAWA

[Full-disclosure] XSS using Atom feed in www.ibm.com

2007-09-11 Thread HASEGAWA Yosuke
cannot be understood, IE6 starts deciding file type by the Content-Disposition header. Then, it can be prevented from being judged file type as HTML by PATH_INFO with adding Content-Disposition header such as:

Content-Disposition: inline; filename=a.xml

-- HASEGAWA Yosuke

Re: [Full-disclosure] UTF reverse-writing WYSINWG feature

2007-08-30 Thread HASEGAWA Yosuke
that the malware which used this trick is distributed through a Winny - the most famous P2P software in Japan - network. Execution of malware by this trick can be prevented by restricting execution of the file which contains RLO in a filename, using group (or local) policy.

-- HASEGAWA Yosuke

[Full-disclosure] MS07-034: Executing arbitrary script with mhtml: protocol handler

2007-06-21 Thread HASEGAWA Yosuke
hoshikuzu|star_dust who told me the problem that it is introduced to the public in 2004 existing for 2006 years even in the moment, the offer of PoC, and various information. -- HASEGAWA Yosuke yosuke.hasegawa at gmail.com Microsoft MVP for Windows - Security (Oct 2005 - Sep 2007

Re: [Full-disclosure] [WEB SECURITY] Universal XSS with PDF files: highly dangerous

2007-01-04 Thread HASEGAWA Yosuke
-- HASEGAWA Yosuke

Re: [Full-disclosure] Backdooring Image Files - security notice

2006-12-18 Thread HASEGAWA Yosuke
/functions/findmimefromdata.asp Of course, a result may become mismatch by the browser and server side. Or, adding Content-Disposition: attachment for response header, it can be used to prevent executing script on browser directly.

-- HASEGAWA Yosuke

Re: [Full-disclosure] IE7 is a Source of Problem - Secunia IE7 Release Incident of October 2006

2006-10-27 Thread HASEGAWA Yosuke
. Therefore, it is possible for this to prevent trying to steal the contents of your server via mhtml redirection.

-- HASEGAWA Yosuke