
RE: [Full-Disclosure] Xmas virus on the cards ?



It all sounds very much like he's talking about the renamed html - jpg file on
the HTTP server. However, they say the following:
"To avoid difficulties, firms should check their mail filtering systems to 
ensure they handle emailed images in the same way as other HTML traffic, and 
should also educate users about this issue."

This indicates that the mail filtering system should be handling the renamed
image file, which logically should also mean that the renamed image file is in
the email.

>In short, when IE is NOT given any other hints as to the type of content of
>a particular link - that is, the link does not come from <A IMG...> or an
>HTML email message with MIME type information in it, but simply is pointed
>right at http://foo.com/I_am_not_really_an_image.JPG - IE will evaluate the
>header bytes of the object, a la the UNIX "file" command, and if it is one
>of I think 28 formats that IE can puzzle out, IE will "helpfully" launch it
>with the "correct" handler application.




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
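
Added example, not part of the original message: one way a mail filter could apply the quoted advice, by comparing the image type each attachment claims with its header bytes, the same evidence IE's sniffing relies on. The signature table, marker list, function names and sample message are assumptions constructed for illustration.

```python
from email.message import EmailMessage

# Leading-byte signatures for a few image formats (others are not checked here).
IMAGE_MAGIC = {
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "bmp": (b"BM",),
}
IMAGE_EXTS = {".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif", ".png": "png", ".bmp": "bmp"}
# Markers suggesting markup or script; illustrative, not exhaustive.
HTML_MARKERS = (b"<html", b"<script", b"<body", b"<!doctype", b"<iframe", b"<object")


def claimed_format(part):
    """Image format a MIME part claims via filename extension or Content-Type."""
    name = (part.get_filename() or "").lower()
    for ext, fmt in IMAGE_EXTS.items():
        if name.endswith(ext):
            return fmt
    sub = part.get_content_subtype() if part.get_content_maintype() == "image" else ""
    sub = {"jpg": "jpeg", "pjpeg": "jpeg"}.get(sub, sub)
    return sub if sub in IMAGE_MAGIC else None


def mislabelled_images(msg):
    """Return (filename, claimed, verdict) for parts whose bytes contradict the label."""
    findings = []
    for part in msg.walk():
        fmt = None if part.is_multipart() else claimed_format(part)
        if fmt is None:
            continue
        data = part.get_payload(decode=True) or b""
        if data.startswith(IMAGE_MAGIC[fmt]):
            continue  # header bytes agree with the claimed type
        head = data[:512].lower()
        verdict = "html" if any(m in head for m in HTML_MARKERS) else "unknown"
        findings.append((part.get_filename(), fmt, verdict))
    return findings


def build_sample():
    """Constructed message: a genuine JPEG header and an HTML file renamed to .JPG."""
    msg = EmailMessage()
    msg.set_content("see attached")
    msg.add_attachment(b"\xff\xd8\xff\xe0" + b"\x00" * 16,
                       maintype="image", subtype="jpeg", filename="tree.jpg")
    msg.add_attachment(b"<html><body>not an image</body></html>", maintype="image",
                       subtype="jpeg", filename="I_am_not_really_an_image.JPG")
    return msg
```

A part reported with verdict "html" is the case the quoted advice covers: it should go through the same filtering as any other HTML content.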