Hi there,
On Tue, 18 Jul 2017, Alex wrote:
Hi guys, just submitted an "ace" archive with a .cmd inside.
# sha1sum PROFORMA\ INVOICE_xls.ace
97757622d5d568b01faa9d662818eebd40b1e0c0 PROFORMA INVOICE_xls.ace
We've now disabled "ace" files (who even knew they existed?)
...
mail6:~$ >>> grep b
Am 18.07.2017 um 19:21 schrieb Paul Kosinski:
"...the worst thing that might happen would involve crashing the
player..."
No, the worst thing that might happen is that a buffer overflow results
in code execution in the player's security context. With deliberate
malicious code added to the MP3
"...the worst thing that might happen would involve crashing the
player..."
No, the worst thing that might happen is that a buffer overflow results
in code execution in the player's security context. With deliberate
malicious code added to the MP3 data stream, this could even lead to
encrypting th
Paul,
I don't know how an MP3 file would contain malware, other than possible
exploits of MP3 player/processor flaws.
If you want to have MP3 files scanned anyway, it is possible to change the
file type signatures for MP3 so they are not ignored. Also, I don't know of
any signatures for MP3.
Ste