Funes- parent
Reminds me of how people were crashing the PSP's XMB with BMP and TIFF files twenty years ago. I was just a kid, and began "pirating" every one of my classmates' consoles (some in exchange for a small amount of money). Good times.
When the first-gen iPhone was out there was a TIFF vulnerability so bad that you could jailbreak an iPhone just by visiting a specific web site. I remember going to Best Buy and seeing all of the display phones had been jailbroken. (It was easy to tell - this was before the App Store, so having extra app icons on the home screen wasn't normal.)
This was a user-empowering application of the vulnerability. Obviously, a bug that allows root-level arbitrary code execution just by getting the user to load a single image could be used for some pretty bad stuff. (And perhaps was.)
More recently there was an iOS 0-day GIF exploit requiring no user interaction:
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-i...
PDF, actually.
The `Memory Pit` exploit for the Nintendo DSi works in a similar way - it exploits a buffer overflow in the reading of image meta data by the Nintendo DSi Camera application in order to achieve arbitrary code execution.
4chan, ironically enough, had something similar where steganographic images were posted designed to be copied to Paint, saved as a bmp, renamed to an .hta file, and then executed. It would then spam the board with other variations of itself.
"Bannerbomb", on the Wii, has entered the thread.