Your colleague is naive. See how many ways can you express in two words how application data can lead to compromise.
Buffer overflow Format string Poor validation Heap corruption data = input = evil = data Jim On 25 January 2011 19:27, Subba Rao <[email protected]> wrote: > I am having a serious discussion with one of my colleagues about > embedded Malware. In our discussions, I have told him about about > Malware in AVI and other media files which get spread from P2P networks > etc. > > His argument is that Malware inside a media file is considered data. > When you play the file, the application treats it like data and it > should not effect the OS. His argument was not too strong but I need > some information to show that embedded malware can be lethal to the OS. > Any pointer in this subject area? > > Thank you in advance. > > Subba Rao > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
