vb.org Archive - VB Attachment Validation

vb.org Archive (https://vborg.vbsupport.ru/index.php)

- vB3 General Discussions (https://vborg.vbsupport.ru/forumdisplay.php?f=111)

- - VB Attachment Validation (https://vborg.vbsupport.ru/showthread.php?t=104360)

thedagda

01-03-2006 07:39 PM

VB Attachment Validation

Given the currently un-patched Windows vulnerability out there regarding rogue .wmf files, I have a question. Does VB actually check the code of the file supplied (i.e. through a gd call in PHP) or is simply checking the extension of the file?

If it simply checks the extension, is anyone one else, who allows file uploads, doing anything to screen files more securely?

All times are GMT. The time now is 03:15 PM.

X vBulletin 3.8.12 by vBS Debug Information
Page Generation 0.00869 seconds Memory Usage 1,698KB Queries Executed 10 (?)
More Information
Template Usage: (1)ad_footer_end (1)ad_footer_start (1)ad_header_end (1)ad_header_logo (1)ad_navbar_below (1)footer (1)gobutton (1)header (1)headinclude (6)option (1)post_thanks_navbar_search (1)printthread (1)printthreadbit (1)spacer_close (1)spacer_open Phrase Groups Available: global postbit showthread	Included Files: ./printthread.php ./global.php ./includes/init.php ./includes/class_core.php ./includes/config.php ./includes/functions.php ./includes/class_hook.php ./includes/modsystem_functions.php ./includes/class_bbcode_alt.php ./includes/class_bbcode.php ./includes/functions_bigthree.php Hooks Called: init_startup init_startup_session_setup_start init_startup_session_setup_complete cache_permissions fetch_threadinfo_query fetch_threadinfo fetch_foruminfo style_fetch cache_templates global_start parse_templates global_setup_complete printthread_start bbcode_fetch_tags bbcode_create bbcode_parse_start bbcode_parse_complete_precache bbcode_parse_complete printthread_post printthread_complete
Messages: