[PLUG] First JPEG virus is out there

Bill Thoen bthoen at gisnet.com
Tue Sep 28 10:46:02 PDT 2004


On Tue, 28 Sep 2004, Paul Heinlein wrote:

> Image files are parsed and "executed" by various rendering libraries. 
> If those libraries don't do proper bounds checking, regardless of 
> whether the host OS is Windows or Linux, a buffer overflow could 
> occur.

So what do the bad guys actually do with a "buffer overflow"? How does 
that run a virus installer instead of just crashing?

-Bill Thoen






More information about the PLUG mailing list