Vulnerability Development: RE: Infected jpeg files?

["OBrien, Brennan" <BOBrien () columbia com>]

Well, just my two cents here... 

Given that images are a major way of transmitting encoded data, it
stands to reason that the hooks could exist  -- that is, it could be a
transport mechanism.  However, the viewer itself would have to know to
look for them and have the capability of doing something with them.  In
otherwords, just cause I'm speaking in Japanese to you doesn't mean you
understand what I'm saying.  





-----Original Message-----
From: rginski () co pinellas fl us [mailto:rginski () co pinellas fl us] 
Sent: Tuesday, November 06, 2001 5:23 PM
To: vuln-dev () securityfocus com
Subject: Infected jpeg files?

Mailer: SecurityFocus

Is it possible for a virus to infect a jpeg (*.jpg) file, 

then the jpg file to infect other files?...without 

changing the files characteristics? In other words, a 

jpeg file (file.jpg) is infected and it 

remains "infected_file.jpg". It is possible for a file type 

as jpeg to have a payload or cause damage although 

it's just being viewed? Perhaps something like 

steganagraphy...except embedding vbs (or 

something) causing infection by way of the viewer? I 

guess another way of asking the question is:



Is it possible to get infected by just viewing jpeg files?



I realize that's a "wide open question" I just don't 

know how else to explain myself. Thanks in advance 

for your patience and help.