Dave Korn wrote > Have you tried giving it a mpg/avi/wma/wmv extension and getting > it to open in a (perhaps embedded) mediaplayer? That's liable to > work as well; mediaplayer is also vulnerable to the > choose-an-app-based-on-extension/app-loads-a-viewer-based-on-actual-content > desynchronisation attack... I have seen at least one cached .wmz (Windows Media Player Skin) file trigger AV alerts for the WMF exploit (Symantec Bloodhound.Exploit.56) after having been opened in WMP10.
