On Thu, 09 Dec 2004 22:02:20 -0000, Skywise spoketh
Isn't that what the jpeg library bug (search GDI+ on microsoft.com) was all about? Some buffer overflow somewhere that would allow the attacker to run code of their choice?
There's also the silly "picture_of_my_naked_sister.jpg.exe" crap. For those who have hidden the "registered extensions", that would show up as a jpg file, while for the rest of us, it would show up as the lamest (and I don't use that word often) attempt at fooling someone.
Lars M. Hansen