Vulnerability Development mailing list archives
Re: Infected jpeg files?
From: Rob Pickering <rob () pickering org>
Date: Fri, 09 Nov 2001 20:06:29 +0000
A possible hole that I can see goes as follows:Certain browsers employ an algorithm that inspects the first few bytes of incoming content and if it looks like HTML displays as text/html even if the MIME type in the Content-Type: header says it is something else.
I suppose that that such a browser receiving a JPEG file constructed, using COMment records etc to make it look and parse enough like an HTML file to fool the browser (whilst also being a valid JPEG file) may well run embedded <script> tags etc.
-- Rob. Krul Thomas wrote:
Having used various JPEG formats for about 10 years now, and having worked along side software developers familiar with the inner workings of the JPEG format, I have some comments to add to this thread. #1 I have never heard of anybody ever having been infected by a JPEG file.
Current thread:
- Re: Infected jpeg files?, (continued)
- Re: Infected jpeg files? Mathias Dybvik (Nov 09)
- Re: Infected jpeg files? terry white (Nov 09)
- Re: Infected jpeg files? H C (Nov 09)
- Re: Infected jpeg files? Thor (Nov 09)
- Re: Infected jpeg files? H C (Nov 09)
- RE: Infected jpeg files? OBrien, Brennan (Nov 08)
- RE: Infected jpeg files? Oliver Petruzel (Nov 09)
- RE: Infected jpeg files? Bruce Ediger (Nov 09)
- RE: Infected jpeg files? Chan, Stephen (TIS, Singapore) (Nov 09)
- RE: Infected jpeg files? OBrien, Brennan (Nov 09)
- RE: Infected jpeg files? Krul Thomas (Nov 09)
- Re: Infected jpeg files? Rob Pickering (Nov 09)
- Re: Infected jpeg files? zen-parse (Nov 09)
- RE: Infected jpeg files? Brass, Phil (ISS Atlanta) (Nov 09)
- RE: Infected jpeg files? Thor (Nov 09)
- Re: Infected jpeg files? Oliver Bleutgen (Nov 11)
- strange thing happend to me Sould3mon (Nov 12)
- RE: strange thing happend to me Oliver Petruzel (Nov 12)
- strange thing happend to me Sould3mon (Nov 12)
- Re: Infected jpeg files? Pete Simpson (Nov 12)