* Roland Postle <mail_at_blazde.co.uk> (Mon, Sep 02, 2002 at 06:54:06PM +0100)
> > GIFs can't exploit your
> > system. Flash files can, just like any executable.
>
> This myth that static data files such as gifs, jpegs and zip files
> /can't/ exploit your system really gets to me. Virus scanners continue
> to scan only 'active' content, but some applications are in such
> widespread use now that it's only a matter of time before a
> vulnerability in say, Winzip's file handling, is exploited in a virus
> that infects .zip files. Or a vulnerability in IE's jpeg module that
> allows jpegs to carry viruses. It's not 'just like any executable', but
> it's not automatically safe either.
There have been mp3s that exploited a buffer overflow in mp3 tag parsing.
Currently listening to: CD Audio Track 8
Gerhard, <@jasongeo.com> == The Acoustic Motorbiker ==
--
__O An all I can say is that my lifes is pretty plain
=`\<, You don't like my point of view, you think that I'm insane
(=)/(=) It's not sane, it's not sane
Received on Sep 03 2002
Intro
