Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: Infected jpeg files?

Re: Infected jpeg files?

From: Blue Boar <BlueBoar_at_thievco.com>
Date: Thu, 08 Nov 2001 23:09:24 -0800

"Chris D. Sloan" wrote:
>
> As with most things where the question is, "Is it possible...?" the
> answere is that, yes it is *possible*. Someone could have written the
> viewer to specifically interpret the JPEG contents as an executable.
> The particular viewer you are using might overflow its stack and maybe
> a carefully constructed JPEG could take advantage of that to run
> malicious code.

http://securityfocus.com/bid/1503

>
> Unless the person who wrote your viewer was malicious, though, I would
> suspect the threat of anything like this actually happening in the
> real world is about as high as the threat that there exist malicious
> text files which would cause Notepad to infect other text files.

Wordpad, not Notepad (AFAIK.)

                                        BB
Received on Nov 09 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos