Re: Microsoft "Patch" CAUTION

From: Jim Watt (jimwatt@aol.no.way)
Date: 03/15/03


From: Jim Watt <jimwatt@aol.no.way>
Date: Sat, 15 Mar 2003 12:06:20 +0100

On Sat, 15 Mar 2003 06:27:37 GMT, webspider <webspider@hg.com> wrote:

>One trick is to use double extensions, i.e. badfile.bmp.exe . With
>this Windows Explorer will use the 1st extension as the MIME type,
>thus showing it is a image file. However once it's clicked on ...
>
>David

Yes, I'm aware of that one - this really was a .bmp

One of my younger clients explained that this was a common
trick and that there is a mechanism where it gets executed

I remain without understanding on that.

--
Jim Watt          http://www.gibnet.com


Relevant Pages

  • Re: IE will not open or DL Office ".doc" files, but will ".rtf" fi
    ... > From what I can tell, the status bar displays only the "label" of the link ... But getting back to the task at hand, trying to download a file, ... Document (for extension .doc) has another Action in its list: ... you may be able to detect the MIME type they were downloaded ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Variable Select Case ranges ?
    ... Only images of specified (extension type) are considered within the ... I use the DIR function to point to these file types from the directory ... Determine if these are of Image file types via extension ... If (IsImageType) and chkJPEG.value = vbChecked then ...
    (comp.lang.basic.visual.misc)
  • Detecting mime types
    ... the mime type based on the file extension. ... extension matching (if you can map the extension as certain files such ... On unix the OS has a utility called file which makes a good guess at ...
    (comp.lang.java.programmer)
  • Re: OT: security
    ... client is as unreliable as the file extension, ... Internet standards state that the type of a content ... is uniquely specified by a suitable MIME type. ... but still this name is only a descriptive text that suggest to the client ...
    (comp.lang.php)
  • Re: OT: security
    ... client is as unreliable as the file extension, ... If someone uploads some malicious content (maybe ... is uniquely specified by a suitable MIME type. ... But a webmaster builds a site for the users, and a good webmaster takes users into consideration. ...
    (comp.lang.php)