any difference. For those of you that have the patch, I am curious if
there is any difference between the following two snippets of code.
<cfscript>
foo = "";
bar = foo.getClass().forName("java.lang.String");
bar = bar.newInstance();
</cfscript>
and...
<cfscript>
foo = "";
bar = foo.getClass().forName("java.lang.String").newInstance();
</cfscript>
-Matt
On Feb 17, 2004, at 4:03 PM, Jochem van Dieten wrote:
> Matt Liotta said:
> >> You mean you have already found a workaround for Maromedia's fix?
> >
> > I am not aware of this fix. Care you to share some information? I be
> > happy to see if it is exploitable.
>
> http://www.macromedia.com/devnet/security/security_zone/mpsb04-01.html
>
> Jochem
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
