R Ginski, If there was some sort of buffer overflow/other way of causing the code to function in a manner inconsistant with it's design due to the content/formatting of the .jpg image then yes, there could be a payload designed to be set off upon viewing of the .jpg image. Otherwise, the .jpg image specifies (simplified) values of pixels in a compressed format and thus the .jpg specification does not include the ability to run code by default. -Jove On 7 Nov 2001 rginskiat_private wrote: > Mailer: SecurityFocus > > Is it possible for a virus to infect a jpeg (*.jpg) file, > then the jpg file to infect other files?...without > changing the files characteristics? In other words, a > jpeg file (file.jpg) is infected and it > remains "infected_file.jpg". It is possible for a file type > as jpeg to have a payload or cause damage although > it's just being viewed? Perhaps something like > steganagraphy...except embedding vbs (or > something) causing infection by way of the viewer? I > guess another way of asking the question is: > > Is it possible to get infected by just viewing jpeg files? > > I realize that's a "wide open question" I just don't > know how else to explain myself. Thanks in advance > for your patience and help. >
This archive was generated by hypermail 2b30 : Fri Nov 09 2001 - 00:21:48 PST