[Commons-l] GIFAR vulnerability and commons
Daniel Schwen
lists at schwen.de
Mon Aug 11 22:41:36 UTC 2008
> Please no scare mongering. Wikimedia sites are not vulnerable to this.
Yeah, sorry, but you know what they say about paranoid admins...
> What I wasn't able to reproduce is a file which both passed the upload
> validation and which was executed by the Sun JRE... though I didn't
Well, that part works:
http://commons.wikimedia.org/wiki/Image:Gifar.gif
and test page at
http://toolserver.org/~dschwen/test.html
> try hard once I realize that the use of a different domain for
> uploading provided strong protection. It might well be that the upload
That is true. So there is no way to get to cookies at all? There are the
wikipedia.org centralauth_Token and centralauth_User
would an applet not be able to read those in a browser that supports
LiveConnect?
What the applet then would do with the cookies is another story.
--
[[en:User:Dschwen]]
[[de:Benutzer:Dschwen]]
[[commons:User:Dschwen]]
More information about the Commons-l
mailing list