Educause Security Discussion mailing list archives

PNG based spam/malware

From: Patrick P Murphy <pmurphy () NRAO EDU>
Date: Wed, 6 May 2009 13:20:56 -0400

I don't know about the rest of you, but I've noticed a significant
uptick in e-mail spam in the form of image-only messages (usually in PNG
format).  It's no secret that there has been at least one PNG rendering
vulnerability discovered recently (e.g., CVE-2009-0040) so I won't be
surprised if the two are related.  On my system, Firefox does reference
libpng.

My question: does anyone have a recommendation for a toolkit to *check*
such an image, short of actually viewing it in a vulnerable browser or
image viewer?  I'd really like to document an example of what such
spam/malware looks like and what it can do.

Thanks in advance,

 - Pat

--
 Patrick P. Murphy, Ph.D.   Webmaster (East), Computing Security Manager
 http://www.nrao.edu/~pmurphy/          http://chien-noir.com/maze.shtml
 "Inventions then cannot, in nature, be a subject of property."
                                    -- Thomas Jefferson, August 13, 1813

Current thread:

PNG based spam/malware Patrick P Murphy (May 06)
- <Possible follow-ups>
- Re: PNG based spam/malware Joe St Sauver (May 06)