[Esd-l] Modifying the sanitizer to scan for INCLUDETEXT fields

Brett Glass brett at lariat.org
Tue Oct 1 22:36:01 PDT 2002

At 10:15 PM 9/26/2002, John D. Hardin wrote:

>This is the "steal-a-file" vulnerability?


>Do you have a patch? 

Not for your code, but essentially it's a field (not a macro)
called INCLUDETEXT containing a filename.


More information about the esd-l mailing list