Should I be concerned with infected zip files?

Posted by Peter Smith on Stack Overflow See other posts from Stack Overflow or by Peter Smith
Published on 2010-06-12T23:03:36Z Indexed on 2010/06/12 23:12 UTC
Read the original article Hit count: 233

Filed under:

ASP.NET

|

fileupload

|

web-security

|

virus

I'm writing a ASP.NET application to process user submitted zip files and limiting my extraction of files from it to only the extensions I want.

I've heard of infected zip files attached to emails and I was wondering if I should be concerned about extracting data from infected zip files in my application. I don't plan on executing the content inside of the zip file, but will opening and extracting from an infected zip file cause the file to execute a virus even if I'm not executing any content inside of the zip file?

© Stack Overflow or respective owner

Related posts about ASP.NET

Migrating ASP.NET MVC 1.0 applications to ASP.NET MVC 2 RTM

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Note: ASP.NET MVC 2 RTM isn’t yet released! But this tool will help you get your ASP.NET MVC 1.0 applications ready for when it is! I have updated the MVC App Converter to convert projects from ASP.NET MVC 1.0 to ASP.NET MVC 2 RTM. This should be last the last major change to the MVC App Converter… >>> More
April 14th Links: ASP.NET, ASP.NET MVC, ASP.NET Web API and Visual Studio

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
Here is the latest in my link-listing blog series: ASP.NET Easily overlooked features in VS 11 Express for Web: Good post by Scott Hanselman that highlights a bunch of easily overlooked improvements that are coming to VS 11 (and specifically the free express editions) for web development: unit… >>> More
Use ASP.NET 4 Browser Definitions with ASP.NET 3.5

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
We updated the browser definitions files included with ASP.NET 4 to include information on recent browsers and devices such as Google Chrome and the iPhone. You can use these browser definition files with earlier versions of ASP.NET such as ASP.NET 3 Read More......(read more) >>> More
ASP.NET webforms + ASP.NET Ajax versus ASP.NET MVC and Ajax framework freedom

as seen on Stack Overflow - Search for 'Stack Overflow'
If given the choice, which path would you take? ASP.NET Webforms + ASP.NET AJAX or ASP.NET MVC + JavaScript Framework of your Choice Are there any limitations that ASP.NET Webforms / ASP.NET AJAX has vis-a-vis MVC? >>> More
ASP.NET MVC 2 Released

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
I’m happy to announce that the final release of ASP.NET MVC 2 is now available for VS 2008/Visual Web Developer 2008 Express with ASP.NET 3.5. You can download and install it from the following locations: Download ASP.NET MVC 2 using the Microsoft Web Platform Installer Download… >>> More

Related posts about fileupload

fileupload control to show only excel files ?

as seen on Stack Overflow - Search for 'Stack Overflow'
i have a fileupload control in a web page writen in asp & c#.net . on clicking the browse button it shows all the files in the upload dialog,i want to show only files of excel to be shown .how can it be done? else do we have any other tools to show only excel files on clicking browse buttons? >>> More
Apache Commons FileUpload Does not behave like expected

as seen on Stack Overflow - Search for 'Stack Overflow'
I just want to assure you guys that before I post this, I have read couple of similar post but none solved my problem. So here it is. I use Ajax taglib for my form since it wont refresh my screen <%@ taglib uri="WEB-INF/taglib.tld" prefix="a" %> <a:AjaxUpload action="UploadServlet">… >>> More
Getting extension of the file in FileUpload Control

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi At the moment i get file extension of the file like : string fileExt = System.IO.Path.GetExtension(filUpload.FileName); But if the user change the file extension of the file ( for example user could rename "test.txt" to "text.jpg" ), I can't get the real extension . What's the solution ? >>> More
rich:fileupload inside rich:modalpanel doesnt send uploadcomplete event

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm trying to use the rich:fileupload from inside a rich:modalpanel component. The problem is that, when inside modalpanel, fileupload doesn't doesnt start the fileuploadeventlistener method. The same fileupload component works fine outside of modalpanel. (Although it doesn't rerender the components… >>> More
GoogleAppEngine : possible to disable FileUpload?

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, When I deploy my application to GoogleAppEngine I keep getting the following error Uncaught exception from servlet java.lang.NoClassDefFoundError: java.io.FileOutputStream is a restricted class. Please see the Google App Engine developer's guide for more details. at com.google.apphosting… >>> More