
PHP 4.x/5.0 - 'Strip_Tags()' Function Bypass

Author: Stefan Esser
type: remote
platform: php
date_added: 2004-07-14 
date_updated: 2013-01-21 
verified: 1 
codes: CVE-2004-0595;OSVDB-7871 

source: https://www.securityfocus.com/bid/10724/info

It is reported that it is possible to bypass PHP's strip_tags() function.

It is reported that under certain circumstances, PHP's strip_tags() function will improperly leave malformed tags in place.

This vulnerability may mean that previously presumed-safe web applications could contain multiple cross-site scripting and HTML injection vulnerabilities when viewed by Microsoft Internet Explorer or Apple Safari web browsers.

It is reported that 'magic_quotes_gpc' must be off for PHP to be vulnerable to this issue.

If a web application uses strip_tags() similar to:
$example = strip_tags($_REQUEST['user_input'], "<b><i><s>");

Then possible tags that may lead to exploitation might be:
<\0script> or <s\0cript>
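
A defensive input check for the case described above, as an added example that is not part of the original advisory. It reads `\0` in the tags above as a NUL byte and rejects such input before strip_tags() runs; the function names are hypothetical and the type hints assume PHP 7.1 or later.

```php
<?php
// Added example, not code from the advisory. All function names are hypothetical.

// True if $s contains NUL or another ASCII control byte (tab, LF and CR are allowed).
function has_control_bytes(string $s): bool
{
    return preg_match('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', $s) === 1;
}

// Filter user input down to a small tag allowlist.
// Input carrying control bytes is rejected before strip_tags() sees it,
// so a tag name such as "<\0script>" never reaches the tag parser.
function filter_limited_html(string $input, string $allowed = '<b><i><s>'): ?string
{
    if (has_control_bytes($input)) {
        return null; // caller treats null as "reject the request"
    }
    return strip_tags($input, $allowed);
}

// For fields that need no markup at all: encode on output instead of stripping.
function encode_plain_text(string $input): string
{
    return htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs; the two malformed tags are the ones quoted above.
$samples = [
    'benign'   => 'Hello <b>world</b>',
    'nul_lead' => "<\0script>",
    'nul_mid'  => "<s\0cript>",
];

foreach ($samples as $name => $value) {
    $filtered = filter_limited_html($value);
    printf(
        "%-9s filtered=%s encoded=%s\n",
        $name,
        $filtered === null ? 'REJECTED' : var_export($filtered, true),
        var_export(encode_plain_text($value), true)
    );
}
```

The check must run before strip_tags(): deleting NUL bytes from already-filtered output would turn a surviving malformed tag into a well-formed one.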