JPEG: Danger also with xnview?

[Lasse]

Hello!

These days, there was a Microsoft-Bug with JPEG-Images, who can
cause a buffer overflow and insert some code.

What happens, if such a manupulated JPEG-Image is opened with xnview?

No danger at all? Or depends it on the windows-version?

Regards,
Lasse

[xnview]

These days, there was a Microsoft-Bug with JPEG-Images, who can
cause a buffer overflow and insert some code.
What happens, if such a manupulated JPEG-Image is opened with xnview?
No danger at all? Or depends it on the windows-version?

I don't think that there is a problem, because microsoft don't use the same library, and if you open a such jpeg with xnview, what's happened? Nothing, only perhaps a crash of xnview.
Pierre.

[MaierMan]

Tested with sample found at:
http://www.easynews.com/virus.html

With XNView 1.70 you simply see the regular jpeg-file-icon (no thumb).
You cannot open it with xnview... Says that the format cannot be determined.
The image itself doesnt contain valid image data for what I read. Thus its correct that nothing was displayed.
No crashes.

I dont think Pierre just copied pretty old Netscape code.
Thus no bug
(While MS seems to have done exactly this ).

PS: Norton Antivirus 2004 was found it via auto-protect...
Saying it was found thru Bloodhound.

[helmut]

Tested with sample found at:
http://www.easynews.com/virus.html
...

Maierman, thank you very much for testing this and letting us know.

Gruß, Helmut