DarkMahesvara on Nostr: "The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code ...
Published at
2023-08-18 20:46:23Event JSON
{
"id": "8345a962571426a9dfcb422b4953237e70b8f20bb5abd4af1541977963eed3fc",
"pubkey": "ba6988992ab9a4a3855d4a3f1c4e754af01bc1d3a31d378553270b5b0896eebb",
"created_at": 1692384383,
"kind": 1,
"tags": [
[
"proxy",
"https://varishangout.net/objects/4b3f3b48-c3a2-4b05-90d9-623fa365f45e",
"activitypub"
]
],
"content": "\"The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened.\"\n\nhttps://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/\n\nexploits in archive, image and video files/tools are rare but its still a good idea to only use them inside of a sandbox like flatpak/bubblewrap or firejail to minimize the risk.",
"sig": "146ed51da5906efe8a5af0fd21eac228fb360a311408ee41d92c01e771f3cfafc6c16af859523f58cf76bdeab418f7708e95fda461ec96e88272572ce5da4574"
}