HomeFile Formats Security Issues

Reply to comment

File Formats Security Issues

Sat, 02/13/2010 - 13:00 — decalage

This is a series of articles about file formats and related security issues. In 2003 I had presented an article in French about this subject at the SSTIC conference: [SSTIC03]. In the following articles I will provide an updated version in English with more information about common file formats.

The original location of this book is http://www.decalage.info/file_formats_security.

Each file format will be described with the following information:

  • File format description
  • Links to specification documents and technical information about the format
  • Main client applications
  • Main security issues
  • Examples of known vulnerabilities and exploits
  • Useful analysis tools
  • Parsing tools and libraries
  • Filtering tools and libraries

In the future I plan to cover common file formats such as PDF, MS Office (binary and Open XML), HTML, XML, RTF, ZIP, JPEG, EXE, etc. Stay tuned! ;-)

Reply

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <b> <address> <blockquote> <br> <caption> <center> <code> <dd> <del> <div> <dl> <dt> <em> <font> <h2> <h3> <h4> <h5> <h6> <hr> <i> <img> <li> <ol> <p> <pre> <span> <strong> <sub> <sup> <table> <tbody> <td> <tfoot> <th> <thead> <tr> <u> <ul> <tr>
  • Lines and paragraphs break automatically.
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>. The supported tag styles are: <foo>, [foo].
  • Use [toc list: ol; title: Table of Contents; minlevel: 2; maxlevel: 3; attachments: yes;] to insert a mediawiki style collapsible table of contents. All the arguments are optional.

More information about formatting options

By submitting this form, you accept the Mollom privacy policy.