On Sun, Mar 02, 2008 at 04:11:43PM -0800, Andrew Sackville-West wrote: > The potential hole I see in mutt is not actually a hole in mutt but in > various helpers used by mutt users. For example, many of us use w3m or > links or some other text browser to dump html messages to plain text > for viewing in mutt. A vulnerability in these text browsers could be > exploited. Maybe some kind of carefully crafted image could cause > problems with imagemagick which I use to view images from within > mutt... really any file that you get to through mutt's mailcap is > dangerous in that it could exploit the vulnerabilities in whatever app > is used to handle that file.
I see a potential for holes in my setup, because I view pps/ppt files with pptview, which is actually a MS app and runs with wine. I think it is very unlikely that a pps/ppt file could contain an exploit to escalate privileges on a linux machine, but I would prefer to avoid this. Anyone knows a free ppt/pps viewer (no, OOo Impres does *not* qualify as a viewer)? Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein)
signature.asc
Description: Digital signature
