ColdFusion: X-Files, Trust No One (Mime Type Security Issues)
If you do any file uploads on your site, a recent entry on Raymond Camden's blog is a must read on mime type security holes. The issue has been around forever, but people are often unaware of it. When it comes to uploading, remember the X-Files: Trust No One ;)
http://www.coldfusionjedi.com/index.cfm/2009/6/30/Are-you-aware-of-the-MIMEFile-Upload-Security-Issue
0 comments:
Post a Comment