Full Disclosure mailing list archives
Re: new worm - "warm-pussy.jpg".
From: Valdis.Kletnieks () vt edu
Date: Wed, 12 Nov 2003 23:52:28 -0500
On Thu, 13 Nov 2003 01:08:06 PST, Gadi Evron <ge () egotistical reprehensible net> said:
HTML _is_ plain-text. Just because the server sends it as plain text doesn't mean the browser won't execute it. It does.
Well.. sure... a .JPG might have some executable code in it, right? :) At least this time they're improving. They're executing plain text that was called .jpg. Last time, they executed javascript that was in the comments field of an actual jpg.
Attachment:
_bin
Description:
Current thread:
- new worm - "warm-pussy.jpg". Tom Russell (Nov 12)
- Re: new worm - "warm-pussy.jpg". segfault (Nov 12)
- Re: new worm - "warm-pussy.jpg". Blue Boar (Nov 12)
- Re: new worm - "warm-pussy.jpg". segfault (Nov 12)
- Re: new worm - "warm-pussy.jpg". Gadi Evron (Nov 12)
- Re: new worm - "warm-pussy.jpg". Scott Taylor (Nov 12)
- Re: new worm - "warm-pussy.jpg". Valdis . Kletnieks (Nov 12)
- Re: new worm - "warm-pussy.jpg". Evidence (Nov 13)
- Re: new worm - "warm-pussy.jpg". I.R. van Dongen (Nov 13)
- Re: new worm - "warm-pussy.jpg". Blue Boar (Nov 12)
- <Possible follow-ups>
- Re: new worm - "warm-pussy.jpg". Feher Tamas (Nov 13)
- Re: new worm - "warm-pussy.jpg". segfault (Nov 12)