Not the first time
A few years back, a bug in a popular image processing library was found. Some months later BlackBerry, which apparently used that library, admitted to having a security hole.
BlackBerry has patched a security vulnerability that allowed hackers to execute malicious code on systems running its BlackBerry Enterprise Server (BES) software. The bug, rated as "high severity", is triggered by specially crafted TIFF image files that travel into BES as users visit webpages, receive emails and exchange …
This is a bit of a twist on normal exploitation simply because the malicious code is actually inside of an image, something that hasn’t really been done before.
Set the WABAC machine for 2004, Fred: Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution.
We really do have short memories in this industry.