GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]

From: Roland Postle (mailat_private)
Date: Mon Sep 02 2002 - 10:54:06 PDT

Next message: Dan Kaminsky: "Re: Plain text files in internet explorer"

Previous message: Bernie Cosell: "Re: Plain text files in internet explorer"
In reply to: Dan Kaminsky: "Re: Plain text files in internet explorer"
Next in thread: FX: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: FX: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Jason Coombs: "RE: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Gerhard den Hollander: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Dom De Vitto: "RE: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Blue Boar: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> GIFs can't exploit your 
> system.  Flash files can, just like any executable.

This myth that static data files such as gifs, jpegs and zip files
/can't/ exploit your system really gets to me. Virus scanners continue
to scan only 'active' content, but some applications are in such
widespread use now that it's only a matter of time before a
vulnerability in say, Winzip's file handling, is exploited in a virus
that infects .zip files. Or a vulnerability in IE's jpeg module that
allows jpegs to carry viruses. It's not 'just like any executable', but
it's not automatically safe either.

- Blazde

Next message: Dan Kaminsky: "Re: Plain text files in internet explorer"
Previous message: Bernie Cosell: "Re: Plain text files in internet explorer"
In reply to: Dan Kaminsky: "Re: Plain text files in internet explorer"
Next in thread: FX: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: FX: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Jason Coombs: "RE: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Gerhard den Hollander: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Dom De Vitto: "RE: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Reply: Blue Boar: "Re: GIFs Good, Flash Executable Bad [Was: Plain text files in internet explorer]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Sep 02 2002 - 15:40:15 PDT