4 Jan
2013
4 Jan
'13
4:23 p.m.
On 04/01/13 16:00, Jookia wrote:
Hello,
Pardon my ignorance, but how would an invalid UTF-8 sequence cause a security threat? All I can think it would do is create garbage.
Different software treat malformed UTF-8 sequences differently. One piece of software may consider that the sequence contains some special characters while others might not. This can be used for SQL injection among others.