|
|
|
|
|
|
by Mindless2112
3405 days ago
|
|
|
> PDF and JPEG Add ELF [1] and Zip [2] to the list. Many common file formats have areas where you can insert an arbitrary chunk of data without significant side effects. [1] ELF allows for a very flexible layout, and is almost certainly vulnerable to this length-extension-based attack. [2] Zip allows a comment at the end of the central directory. Since the central directory is at the end of the file, I don't know if it's vulnerable to this exact attack. |
|
|