12 votes, 3 answers, 1k views

How can I be protected from pictures vulnerabilities?

I've just read this question: What is the corrupted image vulnerability? How does it work? (GIFAR, EXIF data with javascript, etc..) I'm asking myself how I can protect myself and my website's users. ...

6 votes, 5 answers, 479 views

How should I serve untrusted / unsanitized documents (PDF, DOC, XLS) to end users over the web?

My website will be hosting documents for end users and I would like to make this as secure as possible. Question Assuming that I have a need to share documents on a website that may contain hostile ...

5 votes, 3 answers, 2k views

Is it possible to inject HTML into image to provoke XSS?

Some answers mention that it's possible to inject attacker-controlled HTML into images and therefore provoke XSS. I guess that this HTML will be processed by the browser only if a hole exists in the browser. ...

4 votes, 2 answers, 900 views

Exploits or other security risks with SVG upload?

I have a site, where people can upload graphics, you might think of it like an image hoster or a forum for pictures. Now, I allow upload of raster graphics to a certain size, but no vector graphics ...

-2 votes, 6 answers, 2k views

Use PHP to check uploaded image file for malware?

I want my users to be able to upload a photo. Currently I am not checking the uploaded photo for problems of any kind, although I do limit the size to 32k. Is there any way for me to check uploaded ...