[Esd-l] bmp, cur, ico, ani need mangling or scanning ?
Smart,Dan
SmartD at VMCMAIL.com
Tue Jan 11 14:07:13 PST 2005
Today's MS patches fix the icon vulnerability.
http://www.microsoft.com/technet/security/bulletin/MS05-002.mspx
<<Dan>>
> -----Original Message-----
> From: esd-l-bounces at spconnect.com
> [mailto:esd-l-bounces at spconnect.com] On Behalf Of Pierre Etchemaite
> Sent: Monday, January 10, 2005 7:53 AM
> To: Email Security Discussion list
> Subject: [Esd-l] bmp, cur, ico, ani need mangling or scanning ?
>
> See advisory
>
> http://www.securityfocus.com/archive/1/385342/2004-12-22/2004-12-28/0
>
>
> By the way, it seems that many readers and decoding
> libraries contain overflows. I think I've also seen
> advisories about .tga, or even *shrug* .pdf.
>
> Does something like a safe format exist ? :(
>
> Best regards,
> Pierre.
> _______________________________________________
> Esd-l mailing list
> Esd-l at spconnect.com
> http://www.spconnect.com/mailman/listinfo/esd-l
More information about the esd-l
mailing list