![[F]](/Nano/mod/file/delete/72c4f4fe839dbc23f06c3100e94d7379470662b9ad09c7ba47651c6ade91d492.png){kind=link}
File: 72c4f4fe839dbc23f06c3100e94d7379470662b9ad09c7ba47651c6ade91d492.png (dl) (158.24 KiB)
/g/ - Technology
install openbsd
[Make a Post]>with non-executable files you're safe
Not so with player full of holes. It was always theoretically possible to exploit using video file and this is example.
>Software sucks
Software, like anything done by humans, is full of errors. Even if they fix this one next will be found and so forever.
![[F]](/Nano/mod/file/delete/803a20c8ef4eedbaacb498f9cc8ab4737e30b9c508dc972680a2bd54dfd3614b.jpg){kind=link}
File: 803a20c8ef4eedbaacb498f9cc8ab4737e30b9c508dc972680a2bd54dfd3614b.jpg (dl) (213.82 KiB)
>>5164
IIRC (I don't actually remember LOL) it was possible to insert a specifically crafted TEXT payloads into webpages and own browsers that way.
<hey bud, did you think plaintext files were safe? THINK AGAIN
I've been thinking about safety a little bit (not much though), and what do you think, how much of it could be mitigated by using pure Harvard architecture instead of what we have now?
![[F]](/Nano/mod/file/delete/08ad42ab962ecdd4bcf7591abb4717890f933b29cceb219589d83c4e5833cf55.jpg){kind=link}
File: 08ad42ab962ecdd4bcf7591abb4717890f933b29cceb219589d83c4e5833cf55.jpg (dl) (220.85 KiB)
[Catalog][Overboard][Update]
[Reply]3 files, 5 replies
>near 2020
>exploited by a video file
Software sucks.
>CVE-2019-2107
>In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.
https://nvd.nist.gov/vuln/detail/CVE-2019-2107
PoC:
https://github.com/marcinguy/CVE-2019-2107