Re: Are WAV files dangerous?
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 08/16/04
- Next message: kurt wismer: "Re: Are WAV files dangerous?"
- Previous message: Tim H.: "Re: Are WAV files dangerous?"
- In reply to: Tim H.: "Re: Are WAV files dangerous?"
- Next in thread: Criminal Element: "Re: Are WAV files dangerous?"
- Reply: Criminal Element: "Re: Are WAV files dangerous?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 15 Aug 2004 22:40:39 GMT
"Thor Kottelin" corrected me with the reply of the "x-wav exploit" which is a buffer
overflow vulnerability. So it has been stated.
Dave
"Tim H." <tekphobia@comcast.net> wrote in message news:SsRTc.297727$JR4.21178@attbi_s54...
|
| "Franky" <franklin_lo@mail.com> wrote in message
| news:95466BA3363D31E75@127.0.0.1...
| > I am aware that some MP3s can exploit weaknesses in the player.
| > Eg. Winamp 2.81 http://www.securityfocus.com/archive/1/303934
| >
| > But can a WAV file also be dangerous? Using Google, only a few
| > people say 'yes'. So is this just a myth?
|
| Not sure why no one else mentioned this...
|
| If a program has unchecked data buffers, then it's susceptible to buffer
| overflows. And if a jpeg, wav or mp3 contains data to exploit that overflow,
| then yes, a wav file COULD be dangerous. The file itself isn't dangerous,
| only when used with the program it's trying to exploit.
|
| -Tim
|
| >
| > If a WAV is actually dangerous then does AVG have the ability to
| > detect bad WAVs?
|
|
- Next message: kurt wismer: "Re: Are WAV files dangerous?"
- Previous message: Tim H.: "Re: Are WAV files dangerous?"
- In reply to: Tim H.: "Re: Are WAV files dangerous?"
- Next in thread: Criminal Element: "Re: Are WAV files dangerous?"
- Reply: Criminal Element: "Re: Are WAV files dangerous?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
