Re: [Full-Disclosure] Windows Movie maker 2 determines a supportive file type JUST by judging its extension!

[Bipin Gautam <door_hUNT3R@xxxxxxxxxxxxxxxxx>]

programmers at microsoft doing such a blunder CARELESSNESS!!!

<let the world know>

YAP, i feel its a seripus issue in one of its highly highlighted product

this would prove lot of inconvinence to most users [I DON'T THINK YOU USE MOVIE 
MAKER]


--- Bill Weiss <houdini@xxxxxxx> wrote:
>Bipin Gautam(door_hUNT3R@xxxxxxxxxxxxxxxxx)@Sun, Sep 14, 2003 at 11:35:06PM 
>-0700:
>> 
>> 
>> 
>> ---DESCRIPTION---
>> Windows Movie Maker 2 only determines whether a file type is supportive by 
>> it or not, ONLY by judging its extension. So, suppose if you have to import 
>> a VCD movie (*.dat) to your Windows Movie Maker 2 you have to copy the whole 
>> file to a read/write drive rename its extension to *.mov (ie: any extension 
>> that media player 2 recognizes)
>>      Amazingly, windows movie maker 1 effectively judges a supportive movie 
>> file by its header so it doesn't matter even if you rename a movie file to 
>> *.zip, it would effectively look at the header data and allow us to import 
>> in WINDOWS MOVIE MAKER 1. But strangely, Windows Movie Maker judges a 
>> supportive file type just by judging its extension! This could prove very 
>> inconvenient if we have to import a file through network or read-only drives.
>
>Ok, so, what's the security problem in this?  It's a crap program, why do
>we care?
>
>-- 
>Bill Weiss
> 
>In the future we're all going to regret this period in music where
>our tastes were determinedby 11 year old girls and wrestling fans.
>        -- Moby

_____________________________________________________________
Secure mail ---> http://www.blackcode.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html