File:Vulnerability analysis of HD photo image viewer applications (IA vulnerabilitynal109453285).pdf
Original file (1,275 × 1,650 pixels, file size: 2.36 MB, MIME type: application/pdf, 206 pages)
Captions
Summary
[edit]Vulnerability analysis of HD photo image viewer applications ( ) | ||
---|---|---|
Author |
Juan, Clifford C. |
|
Title |
Vulnerability analysis of HD photo image viewer applications |
|
Publisher |
Monterey, California. Naval Postgraduate School |
|
Description |
The introduction of Microsoft's new graphics file format, Windows Media Photo, into the mainstream market in 2006 has been one of the most interesting developments in the digital world. The file format, which has since been renamed to HD Photo in November of 2006, is being touted as the successor to the ubiquitous JPEG image format, as well as the eventual de facto standard in the digital photography market. With massive efforts already underway to increase the software support of this file format, to make available support for digital camera makers to incorporate it into their products, and to propose the file format to the Joint Photography Experts Group in order to make HD Photo as a standard itself, HD Photo is poised to become as widespread as any of the common image file formats today. This provides the motivation into studying whether the HD Photo file format can be used as a vehicle to compromise a user s system. This work addresses the security of handling the HD Photo file format as it pertains to image viewer applications. Whenever an application is updated to accommodate a new file format, it is possible that the application in question can be vulnerable to exploitation. This is a concern, especially if a malformed instance of that file format can make the application to deviate from its specified behavior and cause the execution of arbitrary code. This thesis investigates if some of the existing applications today that render image files are susceptible to compromise by opening a malformed HD Photo image file. The goal of this thesis is to test the security of various image viewer applications compatible with the HD Photo file format. We modified MiniFuzz, an automated fuzzing tool, to conduct mutation-based smart fuzzing and generation-based fuzzing. The test instrumentation worked correctly, but the test cases did not reveal any security vulnerabilities. Subjects: Photography; Digital techniques; Photographs; Computer science; Marketing; Computer programs; High definition television; Images, Photographic |
|
Language | English | |
Publication date | September 2007 | |
Current location |
IA Collections: navalpostgraduateschoollibrary; fedlink |
|
Accession number |
vulnerabilitynal109453285 |
|
Source | ||
Permission (Reusing this file) |
Approved for public release, distribution unlimited |
Licensing
[edit]Public domainPublic domainfalsefalse |
This work is in the public domain in the United States because it is a work prepared by an officer or employee of the United States Government as part of that person’s official duties under the terms of Title 17, Chapter 1, Section 105 of the US Code.
Note: This only applies to original works of the Federal Government and not to the work of any individual U.S. state, territory, commonwealth, county, municipality, or any other subdivision. This template also does not apply to postage stamp designs published by the United States Postal Service since 1978. (See § 313.6(C)(1) of Compendium of U.S. Copyright Office Practices). It also does not apply to certain US coins; see The US Mint Terms of Use.
|
||
This file has been identified as being free of known restrictions under copyright law, including all related and neighboring rights. |
https://creativecommons.org/publicdomain/mark/1.0/PDMCreative Commons Public Domain Mark 1.0falsefalse
File history
Click on a date/time to view the file as it appeared at that time.
Date/Time | Thumbnail | Dimensions | User | Comment | |
---|---|---|---|---|---|
current | 23:03, 25 July 2020 | 1,275 × 1,650, 206 pages (2.36 MB) | Fæ (talk | contribs) | FEDLINK - United States Federal Collection vulnerabilitynal109453285 (User talk:Fæ/IA books#Fork8) (batch 1993-2020 #32117) |
You cannot overwrite this file.
File usage on Commons
The following page uses this file:
Metadata
This file contains additional information such as Exif metadata which may have been added by the digital camera, scanner, or software program used to create or digitize it. If the file has been modified from its original state, some details such as the timestamp may not fully reflect those of the original file. The timestamp is only as accurate as the clock in the camera, and it may be completely wrong.
Short title | Vulnerability analysis of HD photo image viewer applications |
---|---|
Author | Juan, Clifford C. |
Software used | Juan, Clifford C. |
Conversion program | Acrobat Distiller 6.0.1 (Windows) |
Encrypted | no |
Page size | 612 x 792 pts (letter) |
Version of PDF format | 1.4 |