GrayHat wrote:
Hmmm... not willing to "troll" or the like; but I saw in the past some hacks which leveraged "unzip applications" flaws causing buffer overflow and allowing to run code on the victim and in such cases all you needed was a specially crafted zip file; so I would avoid underestimating such files
But I did qualify that statement with:"are typically benign or are unable to execute code on systems */running reasonably current versions/* of operating systems or with applications required to read or open the files."
and with:"you will be required to */make your own best judgment/* depending on your environment and security requirements"
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php
_______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
