Re: [Full-disclosure] test this
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] test this
- From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
- Date: Thu, 29 Dec 2005 13:20:27 -0500
Mix in a generous helping of 'type sniffing' by MS so that you can name
WMF files .gif or .jpg or some other random suffix and you have one hell
of a problem that can only really be completely fixed by MS releasing a
patch to kill execution of embedded executable code in WMF files.
Has anyone tested the renamed .wmf -> .jpg trick and embedding the image
in an HTML email (using Outlook, et al.)?
That'd make it even nastier.
/mike.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
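
Because the renderer decides by content rather than by suffix, a filter on the receiving side has to do the same. The following is an added example, not part of the original message: it identifies WMF data from its header bytes and flags attachments whose name claims another type. The helper names (`sniff_wmf`, `classify`, `scan`) are hypothetical, and the attachment names and byte strings are constructed.

```python
import struct
from pathlib import PurePath

PLACEABLE_KEY = 0x9AC6CDD7   # first dword of a "placeable" WMF header
WMF_SUFFIXES = {".wmf"}

def _standard_header(data: bytes) -> bool:
    """META_HEADER: type 1 (memory) or 2 (disk), 9-word header, version 1.0/3.0."""
    if len(data) < 18:
        return False
    mtype, header_words, version = struct.unpack_from("<HHH", data)
    return mtype in (1, 2) and header_words == 9 and version in (0x0100, 0x0300)

def sniff_wmf(data: bytes):
    """Return 'placeable', 'standard' or None, looking only at the bytes."""
    if len(data) >= 4 and struct.unpack_from("<I", data)[0] == PLACEABLE_KEY:
        return "placeable"
    return "standard" if _standard_header(data) else None

def classify(name: str, data: bytes) -> str:
    """Verdict for one attachment: 'ok', 'wmf' or 'wmf-disguised'."""
    if sniff_wmf(data) is None:
        return "ok"
    suffix = PurePath(name).suffix.lower()
    return "wmf" if suffix in WMF_SUFFIXES else "wmf-disguised"

# Constructed sample attachments (headers only, no drawing records).
STD = struct.pack("<HHHIHIH", 1, 9, 0x0300, 9, 0, 0, 0)
PLACEABLE = struct.pack("<IHhhhhHIH", PLACEABLE_KEY, 0, 0, 0, 100, 100, 1440, 0, 0) + STD
JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16
SAMPLES = [("chart.wmf", STD), ("holiday.jpg", PLACEABLE),
           ("logo.gif", STD), ("photo.jpg", JPEG)]

def scan(samples=SAMPLES):
    """Map each attachment name to its verdict."""
    return {name: classify(name, data) for name, data in samples}

if __name__ == "__main__":
    for name, verdict in scan().items():
        print(f"{name:12} {verdict}")
```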