Re: Email based attack on University

To: debian-user@lists.debian.org
Subject: Re: Email based attack on University
From: Carl Fink <carl@finknetwork.com>
Date: Wed, 2 Oct 2019 12:47:13 -0400
Message-id: <[🔎] 20191002164713.GA18539@panix.com>
In-reply-to: <[🔎] e71167d4-d48b-2e21-2756-f3cf90365241@mailoo.org>
References: <[🔎] dc2186e3-138a-ba0e-3243-fd7766b24db2@gmail.com> <[🔎] 54ee1ddd-6324-4f70-8517-942c4a8e63aa@www.fastmail.com> <[🔎] 20191002124111.GA14534@smallapple.localnet> <[🔎] 20191002132737.GA24055@panix.com> <[🔎] 20191002140602.GA14672@smallapple.localnet> <[🔎] CAJmb-Y=vwP--0cQsF2a--9jGYb4D5tg_MhjHURzPChWCp=qJaA@mail.gmail.com> <[🔎] 20191002154641.GC9844@tuxteam.de> <[🔎] e71167d4-d48b-2e21-2756-f3cf90365241@mailoo.org>

On Wed, Oct 02, 2019 at 05:55:32PM +0200, ??tienne Mollier wrote:

> I don't believe MP3 allows executable code by specifications
> either, so shouldn't the PNG image format.  But think of DSA
> 4435 which affected libpng earlier this year.  When the OS
> library for handling multimedia has flaws, if an HTML email
> embeds a specifically crafted PNG image inlined in the content,
> then you wouldn't even have to hit the ???preview??? button to be
> screwed:

That would logically apply to ASCII text as well.
-- 
Carl Fink                           nitpicking@nitpicking.com 

Read John Grant's book, Corrupted Science: http://a.co/9UsUoGu 
Dedicated to ... Carl Fink!

Reply to:

Follow-Ups:
- Re: Email based attack on University
  - From: Étienne Mollier <etienne.mollier@mailoo.org>
- Re: Email based attack on University
  - From: David Wright <deblis@lionunicorn.co.uk>

References:
- Email based attack on University
  - From: Keith Bainbridge <keithrbau@gmail.com>
- Re: Email based attack on University
  - From: "Jeremy Nicoll" <jn.ml.dbn.25@letterboxes.org>
- Re: Email based attack on University
  - From: Henning Follmann <hfollmann@itcfollmann.com>
- Re: Email based attack on University
  - From: Carl Fink <carl@finknetwork.com>
- Re: Email based attack on University
  - From: Henning Follmann <hfollmann@itcfollmann.com>
- Re: Email based attack on University
  - From: Nicholas Geovanis <nickgeovanis@gmail.com>
- Re: Email based attack on University
  - From: <tomas@tuxteam.de>
- Re: Email based attack on University
  - From: Étienne Mollier <etienne.mollier@mailoo.org>

Prev by Date: Re: Email based attack on University
Next by Date: Re: shell wrappers for trig and other mathematical functions
Previous by thread: Re: Email based attack on University
Next by thread: Re: Email based attack on University
Index(es):
- Date
- Thread