-
Archives
- November 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- September 2007
- April 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- April 2006
- August 2005
- April 2005
- March 2005
- March 2004
-
Meta
Monthly Archives: May 2009
Major applications fail to include full Unicode support
As I’ve found with most of the major Web-apps out there, including social media giants like Facebook and others, Unicode support is far from complete. I’m not a big MySQL guy, but have been building some stuff lately and ran … Continue reading
Posted in Unicode
Leave a comment
Advisory: International Components for Unicode CVE-2009-0153
Big ones from Apple today: http://support.apple.com/kb/HT3549 CVE-ID: CVE-2009-0153 Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6 Impact: Maliciously crafted content may bypass website filters and result in cross-site scripting Description: An implementation issue … Continue reading
Unicode security attacks and test cases – Best-fit mappings and String transformations
Best-fit mappings are another complex topic in Unicode, easily overlooked or misunderstood. On the defensive side, if you can only remember two things: Converting to Unicode is safe. Converting between legacy character sets is dangerous. Ah forget it, unfortunately it’s … Continue reading