funsec mailing list archives
RE: Format of embedded graphics
From: "Discini, Sonny" <Sonny.Discini () montgomerycountymd gov>
Date: Thu, 29 Dec 2005 09:11:45 -0500
It came through formatted as HTML to me...I have unregistered shimgvw.dll per the Microsoft work-around and the .gif came through as an attachment, the placeholder in the email is the 'can't view the graphic' red X box. Marc D'Aloisio, CISSP Network Security Analyst; Security Incident Response State of Connecticut - Department of Information Technology Most of you, I suspect, read e-mail as plain text. For experimental purposes this message is sent as HTML with a graphic embedded with a question <outbind://218-000000005384F517C8AD9748884180DED30A6CDAA4615401/http://w ww.larryseltzer.com/testimage.gif> This graphic was a non-malicious WMF file that I renamed .GIF and embedded. So what happens to the format of such a graphic when embedded in an HTML e-mail? Is it forced to GIF or JPG, or is it perhaps still a WMF and potentially malicious? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ <http://security.eweek.com/> http://blog.ziffdavis.com/seltzer <http://blog.ziffdavis.com/seltzer> Contributing Editor, PC Magazine larryseltzer () ziffdavis com I have made no changes to my system and I see the graphic displayed the same way, a red X placeholder. Sonny Discini, Senior Network Security Engineer Department of Technology Services Enterprise Infrastructure Division Montgomery County Government
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Format of embedded graphics D'Aloisio, Marc (Dec 29)
- <Possible follow-ups>
- RE: Format of embedded graphics D'Aloisio, Marc (Dec 29)
- RE: Format of embedded graphics Discini, Sonny (Dec 29)