开发者

Dangerous AVI files? [closed]

开发者 https://www.devze.com 2023-01-14 06:55 出处:网络
Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed. This question is off-topic. It is not currently accepting answers.

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 12 years ago.

Improve this question

Can *.avi or other media file contain any dangerous script or code? I saw following message in Microsoft Security Essentials:

Category: Trojan Downloader

Description: This program is dangerous and downloads other programs.

Recommendation: Remove this software immediately.
Items: 
containerfile:C:\Users\...\amediafilename.avi
file:C:\Users\...\amediafilename.avi-&g开发者_运维技巧t;(ASF_Script_Commands)


These dangerous files (in general, any file can pose a treat) exploit a bug in a certain program or driver, usually via a buffer overflow. If your program uses that driver/helper/whatever, it can possibly lead to the virus being downloaded by proxy, even if your program is bug-free.


With the media files, they generally attack (or exploit) the codec that runs them. Because of this, the exploit code will run with the same permissions as the user running your application - if the user is running your app as admin (or is just running as admin on non UAC systems) then the exploit has full rights.

The rule is: never trust the input. If you run/execute external files (even via a linked library or embedded third party control) then you should avoid requiring that your app run as admin.

0

精彩评论

暂无评论...
验证码 换一张
取 消