[Snort-users] iFrame's in gifs
wkitty42 at ...14940...
Fri Jun 24 21:03:20 EDT 2011
On 6/24/2011 18:24, rmkml wrote:
> Hi James,
> Maybe: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Trojan:Win32/Jpgiframe.A
this is not directed at the URL above but more to the thread and what it depicts...
as an old time (35+ years) coder, i really have to ask, W!T!F!?! why would ANY
graphic processing library or engine ever switch modes in midstream when drawing
specifically graphic images?? this particular injection should introduce garbage
into the drawn image or cause an error resulting in the image drawing
terminating at that point... further processing should abort back to the html
processing stuff which should not even care or begin to process possible
residual graphical data in a (shared?) buffer... i'm completely flabbergasted
and dumbfounded at this :? :(
More information about the Snort-users