On Wed, 2004-09-01 at 09:24, Tomasz Papszun wrote: > On Tue, 31 Aug 2004 at 13:55:39 -0500, Daniel J McDonald wrote: > [...] > > Incidentally, I've gotten a number of .chm files lately in a unicode > > message. Clamav hasn't twigged on them, but I ban them with amavis-new > > anyway. Are there any known exploits with .chm files, or is that just > > another way to move SPAM around? > > Yes, there are known exploits with .chm files.
CHM ("Compiled HTML") is just another archive format with some extra
files in it with meta-information. Despite the name, they can contain
any type of file, including exe's.
The ClamAV development version contains an unpacker for CHM archives.
-trog
signature.asc
Description: This is a digitally signed message part
