funsec mailing list archives
Re: Format of embedded graphics
From: Florian Weimer <fw () deneb enyo de>
Date: Thu, 29 Dec 2005 22:03:54 +0100
* Larry Seltzer:
So what happens to the format of such a graphic when embedded in an HTML e-mail? Is it forced to GIF or JPG, or is it perhaps still a WMF and potentially malicious?
Imagemagick recognizes it as WMF, and tries to render it -- but I lack the necessary wmf2eps tool, so this step fails. (Gnus tries to display it as a GIF image and fails, silently.) Oh, and your test case prompted me to discover a shell-command injection vulnerability in Imagemagick. *sigh* _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re[2]: Get your computer viruses here!, (continued)
- Re[2]: Get your computer viruses here! Drsolly (Dec 28)
- Re: Re[2]: Get your computer viruses here! val smith (Dec 28)
- Re: Get your computer viruses here! Drsolly (Dec 28)
- Re: Get your computer viruses here! Nick FitzGerald (Dec 29)
- Format of embedded graphics Larry Seltzer (Dec 29)
- Re: Format of embedded graphics Gadi Evron (Dec 29)
- Re: Format of embedded graphics nodialtone (Dec 29)
- Re: Format of embedded graphics Gadi Evron (Dec 29)
- Re: Format of embedded graphics Barrie Dempster (Dec 29)
- Re: Format of embedded graphics David Lodge (Dec 29)
- Re: Format of embedded graphics Florian Weimer (Dec 29)
- RE: Format of embedded graphics Larry Seltzer (Dec 29)
- Re: Format of embedded graphics Florian Weimer (Dec 29)
- Re: Get your computer viruses here! Drsolly (Dec 29)
- Re: Get your computer viruses here! Florian Weimer (Dec 28)
- Re: Get your computer viruses here! val smith (Dec 28)
- RE: Get your computer viruses here! Randy Abrams (Dec 28)
- Re: Get your computer viruses here! Nick FitzGerald (Dec 28)
- RE: Get your computer viruses here! Randy Abrams (Dec 28)
- Re: Get your computer viruses here! Drsolly (Dec 28)