Re: Email based attack on University
On Wed, Oct 02, 2019 at 05:55:32PM +0200, ??tienne Mollier wrote:
> I don't believe MP3 allows executable code by specifications
> either, so shouldn't the PNG image format. But think of DSA
> 4435 which affected libpng earlier this year. When the OS
> library for handling multimedia has flaws, if an HTML email
> embeds a specifically crafted PNG image inlined in the content,
> then you wouldn't even have to hit the ???preview??? button to be
> screwed:
That would logically apply to ASCII text as well.
--
Carl Fink nitpicking@nitpicking.com
Read John Grant's book, Corrupted Science: http://a.co/9UsUoGu
Dedicated to ... Carl Fink!
Reply to: