April 30th, 2020 at 4:52 AM
i mean they can't exist in the wild when so little actually supports it lmao
but yeah, i mean literally all of those vulns were 'in the wild' at some point in their lifespan.
cisco talos is something else, man. serious CIA shit that goes down there.
thing is, it's typically the codec that causes the problem, not as much the program using it. no one really makes their own codec implementations anymore, hence why the only main one is from 2016 which has (iirc) been patched. anything else in the codec itself would probably just cause it to not parse properly, throw an error and end of story, but when implemented (like the nitroPDF issues), that malformed header now has a way to NOP sled itself in a static environment within the process, leading to the potential for much more damage like RCE
i do know that the jpg2000 codec only actually became truly open/free around 2016 when its first vuln came out. the jpg/png/anything else formats were already really well documented, meaning that anyone could even go as far as writing their own implementations, but to parse jpeg2000 files, you'd need to buy a license from the creators or whatever. I'd imagine that's the main reason it got nowhere. no one wants to pay just to open a goddamn image.