"The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened."
https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/
exploits in archive, image and video files/tools are rare but its still a good idea to only use them inside of a sandbox like flatpak/bubblewrap or firejail to minimize the risk.
DarkMahesvara /
npub1hf5…pc2h
2023-08-18 20:46:23
Author Public Key
npub1hf5c3xf2hxj28p2afgl3cnn4ftcphswn5vwn0p2nyu94kzyka6asflpc2hPublished at
2023-08-18 20:46:23Event JSON
{
"id": "8345a962571426a9dfcb422b4953237e70b8f20bb5abd4af1541977963eed3fc",
"pubkey": "ba6988992ab9a4a3855d4a3f1c4e754af01bc1d3a31d378553270b5b0896eebb",
"created_at": 1692384383,
"kind": 1,
"tags": [
[
"proxy",
"https://varishangout.net/objects/4b3f3b48-c3a2-4b05-90d9-623fa365f45e",
"activitypub"
]
],
"content": "\"The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened.\"\n\nhttps://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/\n\nexploits in archive, image and video files/tools are rare but its still a good idea to only use them inside of a sandbox like flatpak/bubblewrap or firejail to minimize the risk.",
"sig": "146ed51da5906efe8a5af0fd21eac228fb360a311408ee41d92c01e771f3cfafc6c16af859523f58cf76bdeab418f7708e95fda461ec96e88272572ce5da4574"
}