RE: ANI Exploits in Spam

["James C Slora Jr" <Jim.Slora () phra com>]

Someone else did a very nice writeup of ANI exploitation on the Web with a
"sploit.anr" file I have also encountered a couple of times in the past
three weeks. I don't have samples of that one because of details I don't
want to go into.

http://www.mnin.org/forums/viewtopic.php?t=112
 
Since cursors are automagical files, they can apparently be exploited under
extensions other than .cur and .ani