Full Disclosure mailing list archives

Backdooring Image Files - security notice


From: "pdp (architect)" <pdp.gnucitizen () googlemail com>
Date: Fri, 15 Dec 2006 13:14:59 +0800

I will be brief. There is a rather lame/concerning technique, most of
you know about, that allows JavaScript to be executed upon visiting an
image file. This issue is not due to some browser error, although
clearly IE has some issues with it, but it is due to web applications
not sanitizing user-supplied content in the form of links.

I will skip the rest for those who are not interested in this topic.
Those who are interested can check this post:
http://www.gnucitizen.org/blog/backdooring-images

BIDs worth checking out:
* http://www.securityfocus.com/bid/3693
* http://www.securityfocus.com/bid/3116

This technique, although not as robust as the QuickTime flaw, can be
used to write worms for Bulletin Boards, Blogs, Wikis and other types
of web systems. I conducted a small survey, which I am not going to
disclose, showing quite concerning figures.

Has anyone experienced these types of worms yet?

-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
