[Full-Disclosure] Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue
fw at deneb.enyo.de
Tue Sep 14 08:23:03 BST 2004
> The first of the four would be the correct behaviour for a security
> conscious product, but based on empirical research this is not the
> common result.
Of course, this violates the robustness principle.
Are there any estimates how much (corporate) mail contains one of the
format violations you described? I could image that you can't reject
some of them because they are too widespread.
Full-Disclosure is hosted and sponsored by Secunia.