[ubuntu] Can .jpg/.txt/.mp3's contain malware?



aligator12
July 4th, 2012, 10:39 AM
I don't think they can, but I need to know for sure. Thanks.

Grenage
July 4th, 2012, 11:04 AM
Technically yes, but they wouldn't be executable under any remotely normal conditions. If they were, you'd already have big problems.

Short answer, no.

raja.genupula
July 4th, 2012, 11:06 AM
Read this, amigo:

http://www.informationweek.com/news/security/vulnerabilities/207600502

HermanAB
July 4th, 2012, 03:53 PM
$ mv maliciousprogram maliciousprogram.mp3
$ chmod 755 maliciousprogram.mp3
$ ./maliciousprogram.mp3

SeijiSensei
July 4th, 2012, 04:53 PM
> $ mv maliciousprogram maliciousprogram.mp3
> $ chmod 755 maliciousprogram.mp3
> $ ./maliciousprogram.mp3

See that line with "chmod"? Don't do that!

Linux will only execute things that have the execute bit enabled, as Herman did there by using 755 as the permissions. If your text, graphics, and media files are not marked executable, then you can't be infected because the program or script won't be run. The most permissive permissions files like these should have is 644, which makes them readable by everyone and writable by their owners.

Also, I'll point out that Herman is running the mp3 file from the command prompt. If you were using a player, like Clementine, you'd be running the player, not the mp3, like this: "clementine /path/to/file.mp3". If the .mp3 file contained malware, it probably won't play at all. Even if it did play, it would have to trick Clementine into doing something dastardly. That's not very likely either, especially since the malware author has no control over which of the many different players you might be using.
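
Added example, not part of any poster's reply: a small audit for the execute-bit point made in the post above. It lists media and text files that have an execute bit set or whose first bytes look like a program rather than data; the function name `audit_media_files` and the extension list are assumptions of this example.

```shell
#!/bin/sh
# Added example (constructed for this thread, not from any poster).
# Lists .jpg/.jpeg/.txt/.mp3 files under a directory that could be run
# directly: an execute bit is set, or the content starts like a program.
# Output: one line per finding, "<reasons><TAB><path>".
# Limitation: paths containing newlines are not handled.

audit_media_files() {
    dir=$1
    find "$dir" -type f \( -iname '*.jpg' -o -iname '*.jpeg' \
            -o -iname '*.txt' -o -iname '*.mp3' \) |
    while IFS= read -r f; do
        reasons=""

        # Any of the user/group/other execute bits (the 1s in 755).
        if [ -n "$(find "$f" \( -perm -100 -o -perm -010 -o -perm -001 \) -print)" ]; then
            reasons="exec-bit"
        fi

        # First four bytes as hex: 7f454c46 is an ELF binary, 2321 is "#!".
        magic=$(od -An -tx1 -N4 "$f" | tr -d ' \n')
        case $magic in
            7f454c46) reasons="${reasons:+$reasons,}elf-header" ;;
            2321*)    reasons="${reasons:+$reasons,}shebang" ;;
        esac

        if [ -n "$reasons" ]; then
            printf '%s\t%s\n' "$reasons" "$f"
        fi
    done
}

# Run against a directory when one is given on the command line.
if [ $# -gt 0 ]; then
    audit_media_files "$1"
fi
```

A file flagged only for `exec-bit` can be reset with `chmod 644`, the mode the post above recommends. The check says nothing about a file crafted to exploit a bug in the program that opens it.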

spareproject
July 4th, 2012, 07:37 PM
Read an update on VLC a few years ago saying that there was a loophole allowing code to be executed from subtitle files and it had been patched. Would this not be the case for any of these file types, depending on what you are using to "view" them?

aligator12
July 4th, 2012, 11:38 PM
But in all reality, if I open a jpg from a compromised computer, would I be alright? I mean I scanned it with ClamTK and it came back fine.

SeijiSensei
July 5th, 2012, 02:16 AM
> Read an update on VLC a few years ago saying that there was a loophole allowing code to be executed from subtitle files and it had been patched. Would this not be the case for any of these file types, depending on what you are using to "view" them?

For reference, the vulnerability report is here (http://www.videolan.org/security/sa0801.html).

Subtitle streams wouldn't be in any of the formats the OP mentioned, but yes, it's possible to find "holes" in existing software and craft an exploit to take advantage of them. In this particular case, though, the software would only have the same permissions as the user watching the video. Assuming the person is smart enough not to watch videos as the root user, the security model in Linux severely constrains what a user-level exploit can do. There are certainly nasty things that can be crafted to run as an ordinary user (keystroke loggers come immediately to mind), but my reading of the VLC report above suggests a more likely result is that the player would have crashed.

> But in all reality, if I open a jpg from a compromised computer, would I be alright? I mean I scanned it with ClamTK and it came back fine.

Nothing is ever certain in life (except death and taxes, of course), but yes, I think you shouldn't worry about looking at a jpeg from a compromised computer.

Hungry Man
July 5th, 2012, 02:38 AM
Short answer, yes.

Long answer, I'm too lazy to explain in detail. You can use images or any file to exploit vulnerabilities in programs. It's not super common but it can happen.

There's also steganography, where payloads are held in images to avoid AV detection.

ottosykora
July 5th, 2012, 06:45 AM
It is too simple to take any kind of program and rename it so it looks like some picture or so.

About 8 years ago, we had a case in our company where one man got some pics from a customer and opened them (on Windows, with the ACDSee picture viewer), and in the next moment all pictures from his computer were wiped by malware contained in one of the received jpg files.

jerome1232
July 6th, 2012, 03:35 PM
Any program that accepts input can be exploited. For example, your media player can load an mp3 which has code written to exploit the media player. This is why we have things like AppArmor, which can minimize what can happen if this occurs.

Slightly off-topic:
I remember I worked for a company that made routers. They had an exploit for a few days that enabled malicious images to actually gain admin access to the router and poison the DNS. It could only happen for a window of about 5 minutes after a user accessed an admin section of the router on the same computer.