What type of script is this?

Posted: Thu Dec 17, 2009 12:18 pm
by RickRasta
I found this short animation that plays on this page: http://blog.avast.com/2009/12/10/100-million-users/ (the clip about the 100 millionth user). This plays even when no scripts are running. Could anyone use this type of script for more mischievous purposes? Or what type of script is it that NoScript doesn't block? Or am I mistaken and this is not even any type of script?

Re: What type of script is this?

Posted: Thu Dec 17, 2009 2:51 pm
by therube
Not a "clip".
It's an animated gif. Just like this :oops: .

So whatever exploits may exist against a GIF renderer, I guess, could be exploited.

Re: What type of script is this?

Posted: Thu Dec 17, 2009 10:48 pm
by Giorgio Maone
therube wrote: So whatever exploits may exist against a GIF renderer, I guess, could be exploited.

We should add that you can't do anything about it, short of disabling image display.
On the other hand, JPEG, GIF and PNG decoders are relatively simple and tested enough today to make a viable exploit very unlikely, especially compared to how easy it is to mount an attack against JavaScript or plugins.

Re: What type of script is this?

Posted: Tue Dec 29, 2009 9:12 am
by Tom T.
Giorgio Maone wrote:
therube wrote: So whatever exploits may exist against a GIF renderer, I guess, could be exploited.

We should add that you can't do anything about it, short of disabling image display.
On the other hand, JPEG, GIF and PNG decoders are relatively simple and tested enough today to make a viable exploit very unlikely, especially compared to how easy it is to mount an attack against JavaScript or plugins.

@ Giorgio: I have image.animation_mode set to "none". The Avast photos remain still images, as do all others. "Assuming" that an exploit were possible, would this prevent it, or are you saying that the exploit would be in one or more of the still images themselves, rather than in the animator?

I also have browser.blink_allowed set to "false".
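
The thread identifies the clip as an animated GIF rather than a script. As an added example (not written by any poster in this thread), the Python below walks a GIF's block structure to count frames and detect the looping extension without decoding any pixel data. The names `inspect_gif` and `make_sample` are hypothetical and the sample bytes are constructed.

```python
import struct

def _skip_sub_blocks(data, pos):
    """Skip length-prefixed sub-blocks; return the offset after the 0x00 terminator."""
    while True:
        if pos >= len(data):
            raise ValueError("truncated sub-block chain")
        size = data[pos]
        if size == 0:
            return pos + 1
        pos += 1 + size

def inspect_gif(data):
    """Walk the container blocks of a GIF and report frame count and loop extension."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise ValueError("not a GIF")
    pos = 13                                  # 6-byte header + 7-byte screen descriptor
    if data[10] & 0x80:                       # global color table present
        pos += 3 * (2 << (data[10] & 7))
    frames, loop_ext = 0, False
    while pos < len(data):
        block = data[pos]
        if block == 0x3B:                     # trailer: end of the image stream
            return {"frames": frames, "animated": frames > 1, "loop_ext": loop_ext}
        if block == 0x2C:                     # image descriptor: one frame
            if pos + 10 > len(data):
                raise ValueError("truncated image descriptor")
            flags = data[pos + 9]
            pos += 10
            if flags & 0x80:                  # local color table present
                pos += 3 * (2 << (flags & 7))
            pos = _skip_sub_blocks(data, pos + 1)   # +1 skips LZW minimum code size
            frames += 1
        elif block == 0x21:                   # extension: label byte, then sub-blocks
            if data[pos + 1:pos + 14] == b"\xff\x0bNETSCAPE2.0":
                loop_ext = True               # application extension that sets looping
            pos = _skip_sub_blocks(data, pos + 2)
        else:
            raise ValueError(f"unknown block 0x{block:02x} at offset {pos}")
    raise ValueError("missing trailer")

def make_sample(n_frames):
    """Constructed 1x1 GIF with n_frames frames (sample input, not from the page)."""
    head = b"GIF89a" + struct.pack("<HHBBB", 1, 1, 0x80, 0, 0) + bytes(6)
    loop = b"\x21\xff\x0bNETSCAPE2.0\x03\x01\x00\x00\x00" if n_frames > 1 else b""
    frame = (b"\x21\xf9\x04\x00\x0a\x00\x00\x00" + b"\x2c"
             + struct.pack("<HHHHB", 0, 0, 1, 1, 0) + b"\x02\x02\x44\x01\x00")
    return head + loop + frame * n_frames + b"\x3b"
```

The walker rejects any block type it does not recognise and any file that ends before the trailer, so malformed input raises an error.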