The hunt is on for file format bugs
Posted by Sachin Garg on 31st July 2005 | Permanent Link
ZDnet has this interesting article on how flaws in the way applications handle compressed file formats are drawing interest among security researchers, according to speakers at the Black Hat security conference here.
They have speculated that “There could be a significant increase in the discovery of such flaws” and one has to agree with this.
iDefense, a security intelligence company, is making available tools that let researchers automate the discovery of file format vulnerabilities. The company released the tools on Thursday in conjunction with Black Hat.
October 2nd, 2006 at 1:58 pm
[…] Developers of applications or core libraries which handle such file formats definitely need to be more careful. Last year when we saw such issues in more widely deployed GIF and JPEG formats, iDefense, a security intelligence company, in conjunction with Black Hat, made available tools that let researchers automate the discovery of file format vulnerabilities. […]