Published at LXer:
Security specialist Jacques Copeau has analysed a number of well-known PHP applications for susceptibility to the MIME sniffing issue in Internet Explorer. This "protective" feature, originally introduced as a security measure in Internet Explorer 6 and 7, can in fact cause the browser to treat an image as HTML and execute embedded scripts.
Read More...