In the dynamic field of cybersecurity, it is often the obscure and long-forgotten vulnerabilities that pose a hidden threat to otherwise hardened systems. One such vulnerability lies in invalid character encodings that violate the UTF-8 standard. While overlong UTF-8 encodings may seem like an esoteric topic reserved for those deep in the trenches of encoding standards, the security implications can be profound and are worth considering. Therefore, our colleague Dominique Dittert at usd HeroLab thought it was time to revisit this issue now to bring back some memories.
Read her full article here:
From Unicode to Exploit: The Security Risks of Overlong UTF-8 Encodings.