-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Nick,
On 21 December 2000 at 13:17:37 -0800 (which was 21:17 where I
live) Nick Andriash wrote and made these points:
BR>> executable to launch without explicit action from a user? I'm
BR>> wondering if The Bat tries to show an attachment when the message
BR>> body is empty.
NA> If I am not mistaken, those viruses came to the List with a *.pif
NA> and *.scr attachment which TB! should not have tried to open
NA> despite having no text in the body.
Not only "should not" but "would not" - it has no mechanism to
automatically open *any* attachment with one caveat:
NA> TB! does in fact 'show' an attachment such as a *.jpg or *.png
NA> file without opening it, so I wonder if there is a vulnerability
NA> there.
It will "show" *the contents* of such an attachment (and of an HTML).
TB uses an internal rendering engine to show such imagery. The content
must conform to the format of these types. Shell execution techniques
are not used. From this I can be 100% certain that TB has no
vulnerability here.
- --
Cheers,
.\\arck
________________________________________________________________
[ Marck D. Pearlstone | Moderator TBUDL / TBBETA ]
[ PGP Key ID: 0x929DCDA0 | www: http://www.silverstones.com ]
[ PGP Key: http://www.silverstones.com/MarckPGP.asc ]
[ Any opinions are my own and not those of RIT labs ]
________________________________________________________________
TB! v1.48f S/N 14F4B4B2 on Windows NT 5.0 Build 2195 Service Pack 1
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8 Secured
Comment: PGP Sealed for freshness
iQA/AwUBOkJ4wjnkJKuSnc2gEQIb+ACggDUP0FAGkivEZYmVI2aGGUPfQJMAoK+u
sDcqcHWwKDiVk56qD+GI/0xs
=P0Vu
-----END PGP SIGNATURE-----
--
--------------------------------------------------------------
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
<mailto:[EMAIL PROTECTED]>
To Unsubscribe from TBUDL, double click here and send the message:
<mailto:[EMAIL PROTECTED]>
--------------------------------------------------------------
You are subscribed as : archive@jab.org