[Esd-l] bmp, cur, ico, ani need mangling or scanning ?
SmartD at VMCMAIL.com
Tue Jan 11 14:07:13 PST 2005
Today's MS patches fix the icon vulnerability.
> -----Original Message-----
> From: esd-l-bounces at spconnect.com
> [mailto:esd-l-bounces at spconnect.com] On Behalf Of Pierre Etchemaite
> Sent: Monday, January 10, 2005 7:53 AM
> To: Email Security Discussion list
> Subject: [Esd-l] bmp, cur, ico, ani need mangling or scanning ?
> See advisory
> By the way, it seems that many readers and decoding
> libraries contain overflows. I think I've also seen
> advisories about .tga, or even *shrug* .pdf.
> Does something like a safe format exist ? :(
> Best regards,
> Esd-l mailing list
> Esd-l at spconnect.com
More information about the esd-l