Die komplette Meldung könnt ihr auf der Quelle (Securityfocus) nachlesen.phpBB2 was found not to be vulnerable, as it does only allows files of the types
png, gif and jpeg. For all these filestypes, the software sends correct headers.
phpBB3 has a far more flexible upload system, but uses both comprehensive
blacklisting and upload validation to guard against issues. We were not able to
exploit IE mime sniffing within phpBB3.
Grüße,
Tekin
