Full Disclosure mailing list archives

Re: [Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability

From: Valdis.Kletnieks () vt edu
Date: Thu, 16 Sep 2004 09:59:35 -0400

On Wed, 15 Sep 2004 16:34:32 EDT, Barry Fitzgerald said:

Why did this need a Vmyths advisory?

So far, I haven't read any disinformation in the media regarding this.  
A virus can actually be embedded in the file with this vulnerability 
(or, any program, really) and the vulnerable programs really can be 
exploited using the jpeg files.  I don't think this is at all comparible 
to an april fools joke or a steganography-using malware implementation 
-- they're completely different than this.


I read it as "yes, there's a bug, but it's a 'yawn, *another* hole, get to
patching *again*' issue rather than 'death of the Internet predicted, film
at 11'".

Attachment: _bin
Description:

Current thread:

[Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability Rob Rosenberger (Sep 15)
- Re: [Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability KF_lists (Sep 15)
- Re: [Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability Barry Fitzgerald (Sep 15)
  - Re: [Bulk] Re: [Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability Byron L. Sonne (Sep 15)
  - Re: [Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability Nick FitzGerald (Sep 15)
  - Re: [Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability Valdis . Kletnieks (Sep 16)
- Re: [Vmyths.com ALERT] Hysteria predicted for 'JPEG Processor' vulnerability Georgi Guninski (Sep 16)