There are quite a few resources on the subject. Http://www.exploit-db.com has a great deal of info. Also you can google "file format vulnerabilities" and "file format fuzzers" file format vulns are a juicy target since Patching third party apps are often overlooked.
Hope that helps Bart Sent from my Verizon Wireless BlackBerry -----Original Message----- From: Subba Rao <[email protected]> Sender: [email protected] Date: Tue, 25 Jan 2011 20:27:48 To: Pauldotcom<[email protected]> Reply-To: PaulDotCom Security Weekly Mailing List <[email protected]> Subject: [Pauldotcom] Embedded Malware I am having a serious discussion with one of my colleagues about embedded Malware. In our discussions, I have told him about about Malware in AVI and other media files which get spread from P2P networks etc. His argument is that Malware inside a media file is considered data. When you play the file, the application treats it like data and it should not effect the OS. His argument was not too strong but I need some information to show that embedded malware can be lethal to the OS. Any pointer in this subject area? Thank you in advance. Subba Rao _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
