There's been buffer overflows/RCE exploits in all sorts of software that can par... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

walrus01 on Feb 19, 2022 | parent | context | favorite | on: A Saudi woman's iPhone revealed hacking around the...

There's been buffer overflows/RCE exploits in all sorts of software that can parse images since, well, forever. I remember more than 20 years ago seeing a notice about the embedded Internet Explorer rendering engine in Microsoft Outlook Express having an RCE zero day which could be exploited by simply loading an image in the body of an email.

Rich multimedia parsing display systems in messaging apps are a very tempting attack surface for entities such as NSO.

baybal2 on Feb 19, 2022 [–]

Why a messenger app needs a picture viewer?

saagarjha on Feb 19, 2022 | | [–]

Because people send each other pictures?

alasdair_ on Feb 20, 2022 | | [–]

> Why a messenger app needs a picture viewer?

A picture is worth a thousand words.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact