PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Embedded Malware

From: Jim Halfpenny <jim.halfpenny () gmail com>
Date: Wed, 26 Jan 2011 17:21:59 +0000
Your colleague is naive. See how many ways can you express in two
words how application data can lead to compromise.

Buffer overflow
Format string
Poor validation
Heap corruption

data = input = evil = data

Jim

On 25 January 2011 19:27, Subba Rao <kleanchap () tanucoo com> wrote:

I am having a serious discussion with one of my colleagues about
embedded Malware.  In our discussions, I have told him about about
Malware in AVI and other media files which get spread from P2P networks
etc.

His argument is that Malware inside a media file is considered data.
When you play the file, the application treats it like data and it
should not effect the OS.  His argument was not too strong but I need
some information to show that embedded malware can be lethal to the OS.
 Any pointer in this subject area?

Thank you in advance.

Subba Rao
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: