-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Nick,

On 21 December 2000 at 13:17:37 -0800 (which was 21:17 where I
live) Nick Andriash wrote and made these points:

BR>> executable to launch without explicit action from a user? I'm
BR>> wondering if The Bat tries to show an attachment when the message
BR>> body is empty.

NA> If I am not mistaken, those viruses came to the List with a *.pif
NA> and *.scr attachment which TB! should not have tried to open
NA> despite having no text in the body.

Not  only  "should  not"  but  "would  not"  -  it has no mechanism to
automatically open *any* attachment with one caveat:

NA> TB! does in fact 'show' an attachment such as a *.jpg or *.png
NA> file without opening it, so I wonder if there is a vulnerability
NA> there.

It  will "show" *the contents* of such an attachment (and of an HTML).
TB uses an internal rendering engine to show such imagery. The content
must  conform to the format of these types. Shell execution techniques
are  not  used.  From  this  I  can  be  100%  certain  that TB has no
vulnerability here.

- --
 Cheers,
 .\\arck
 ________________________________________________________________
[    Marck D. Pearlstone | Moderator TBUDL / TBBETA              ]
[ PGP Key ID: 0x929DCDA0 | www: http://www.silverstones.com      ]
[ PGP Key: http://www.silverstones.com/MarckPGP.asc              ]
[    Any opinions are my own and not those of RIT labs           ]
 ________________________________________________________________
TB! v1.48f S/N 14F4B4B2 on Windows NT 5.0 Build 2195 Service Pack 1

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8 Secured
Comment: PGP Sealed for freshness

iQA/AwUBOkJ4wjnkJKuSnc2gEQIb+ACggDUP0FAGkivEZYmVI2aGGUPfQJMAoK+u
sDcqcHWwKDiVk56qD+GI/0xs
=P0Vu
-----END PGP SIGNATURE-----

-- 
--------------------------------------------------------------
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   <mailto:[EMAIL PROTECTED]>
To Unsubscribe from TBUDL, double click here and send the message:
   <mailto:[EMAIL PROTECTED]>
--------------------------------------------------------------

You are subscribed as : archive@jab.org


Reply via email to