Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://udongein.xyz/objects/b32c7a8b-c976-444d-aec8-333c9d6183a2">LisPi (lispi314@udongein.xyz)'s status on Saturday, 30-Mar-2024 13:03:24 JST</a><a href="https://udongein.xyz/users/lispi314" title="lispi314@udongein.xyz"><img src="https://gnusocial.jp/avatar/209694-48-20231106080216.webp" width="48" height="48" alt="LisPi" style="position: absolute; left: 0; top: 0;">LisPi</a><div><a href="https://freesoftwareextremist.com/objects/8a25992a-65df-4cb5-83b0-47f510b4ff45" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><a href="https://freesoftwareextremist.com/users/Suiseiseki">@Suiseiseki</a> There was a path-based execution vulnerability in Emacs for decades at some point, iirc. <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-45939">https://nvd.nist.gov/vuln/detail/CVE-2022-45939</a><br><br><a href="https://www.technadu.com/dell-releases-fix-decades-old-vulnerability-affecting-100-million-pcs/272220/">https://www.technadu.com/dell-releases-fix-decades-old-vulnerability-affecting-100-million-pcs/272220/</a><br><br>First result on a search.<br><br>Neither of these compromised the functionality of the program noticeably to the users in the overwhelming majority of circumstances.<br><br><a href="https://windowsreport.com/outlooks-decades-old-vulnerability-allowed-for-catastrophic-attacks-without-any-user-interaction/">https://windowsreport.com/outlooks-decades-old-vulnerability-allowed-for-catastrophic-attacks-without-any-user-interaction/</a><br><br>And then there's this one. For what was once perceived as a flagship product (not some neglected thing everyone ignores).<br><br><a href="http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html">http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html</a><br><br>Versatile.<br><br>So yeah, it is definitely a risk and the popularity of the project doesn't seem to prevent it from happening.</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2873521#notice-5723529">In conversation</a><time datetime="2024-03-30T13:03:24+09:00" title="Saturday, 30-Mar-2024 13:03:24 JST">about 8 months ago</time> <span>from <span><a href="https://udongein.xyz/objects/b32c7a8b-c976-444d-aec8-333c9d6183a2" rel="external" title="Sent from udongein.xyz via ActivityPub">udongein.xyz</a></span></span><a href="https://udongein.xyz/objects/b32c7a8b-c976-444d-aec8-333c9d6183a2">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-45939">NVD - CVE-2022-45939</a></h5><div></div></header><div></div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: cdn.technadu.com</div><h5><a href="https://www.technadu.com/dell-releases-fix-decades-old-vulnerability-affecting-100-million-pcs/272220/">Dell Releases Fix for Decades-Old Vulnerability Affecting 100 Million PCs</a></h5><div> from <span>Bill Toulas</span></div></header><div>Dell has fixed a driver vulnerability that loomed in its PCs for 12 years, and which they knew about for two.</div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: windowsreport.com</div><h5><a href="https://windowsreport.com/outlooks-decades-old-vulnerability-allowed-for-catastrophic-attacks-without-any-user-interaction/">How to Increase Clipboard Size on Windows 10 &amp; 11</a></h5><div> from <span>Claire Moraa</span></div></header><div>Is your WIndows Clipboard out ot memory and can't accommodate more items? Here's a guide to increase the size of your clipboard.</div><footer></footer></article></li><li><article><header><div>Domain not in remote thumbnail source whitelist: blogger.googleusercontent.com</div><h5><a href="http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html">Raising Lazarus - The 20 Year Old Bug that Went to Mars</a></h5><div></div></header><div>Advancements in information security research focusing on tracking, privacy, wireless, mobile, and international defense.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Saturday, 30-Mar-2024 13:03:24 JSTLisPi
in reply to
- 翠星石
@Suiseiseki There was a path-based execution vulnerability in Emacs for decades at some point, iirc. https://nvd.nist.gov/vuln/detail/CVE-2022-45939

https://www.technadu.com/dell-releases-fix-decades-old-vulnerability-affecting-100-million-pcs/272220/

First result on a search.

Neither of these compromised the functionality of the program noticeably to the users in the overwhelming majority of circumstances.

https://windowsreport.com/outlooks-decades-old-vulnerability-allowed-for-catastrophic-attacks-without-any-user-interaction/

And then there's this one. For what was once perceived as a flagship product (not some neglected thing everyone ignores).

http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html

Versatile.

So yeah, it is definitely a risk and the popularity of the project doesn't seem to prevent it from happening.
In conversationabout 8 months ago from udongein.xyzpermalink
Attachments
1. No result found on File_thumbnail lookup.
  NVD - CVE-2022-45939
2. Domain not in remote thumbnail source whitelist: cdn.technadu.com
  Dell Releases Fix for Decades-Old Vulnerability Affecting 100 Million PCs
  from Bill Toulas
  Dell has fixed a driver vulnerability that loomed in its PCs for 12 years, and which they knew about for two.
3. Domain not in remote thumbnail source whitelist: windowsreport.com
  How to Increase Clipboard Size on Windows 10 & 11
  from Claire Moraa
  Is your WIndows Clipboard out ot memory and can't accommodate more items? Here's a guide to increase the size of your clipboard.
4. Domain not in remote thumbnail source whitelist: blogger.googleusercontent.com
  Raising Lazarus - The 20 Year Old Bug that Went to Mars
  Advancements in information security research focusing on tracking, privacy, wireless, mobile, and international defense.

Public

Embed Notice

HTML Code

Corresponding Notice