Welcome to WebmasterWorld Guest from 54.221.87.97

Forum Moderators: open

Message Too Old, No Replies

Frontpage flaw lets hackers in

     

korkus2000

2:00 pm on Sep 27, 2002 (gmt 0)

WebmasterWorld Senior Member korkus2000 is a WebmasterWorld Top Contributor of All Time 10+ Year Member



[eweek.com...]
The vulnerability is in the SmartHTML Interpreter in FPSE 2000 and 2002 and involves the way the interpreter handles requests for some Web files. The interpreter is designed to provide support for Web forms and other dynamic Web content.

Looks like MS jumped on this one quickly.

brotherhood of LAN

2:27 pm on Sep 28, 2002 (gmt 0)

WebmasterWorld Administrator brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



give an attacker the ability to run any code of choice

Most likely valid code too. Thanks for the heads up Korkus.

I'm trying to move away from those easy to make FP forms......FP components needing the extensions simply are not reliable enough.