{"id":1325,"date":"2021-04-21T21:35:01","date_gmt":"2021-04-21T19:35:01","guid":{"rendered":"https:\/\/parlonstechs.com\/all\/?p=1325"},"modified":"2021-04-21T21:35:01","modified_gmt":"2021-04-21T19:35:01","slug":"attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice","status":"publish","type":"post","link":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/","title":{"rendered":"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/img-s-msn-com.akamaized.net\/tenant\/amp\/entityid\/BB1fJeCI.img?h=451&amp;w=799&amp;m=6&amp;q=60&amp;o=f&amp;l=f\" alt=\"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice\"\/><\/figure>\n\n\n\n<p style=\"font-size:24px\"><strong>Ouvrir un lien ou un chemin d\u2019acc\u00e8s n\u2019est jamais sans risque, y compris dans des applications desktop classiques. Des chercheurs en s\u00e9curit\u00e9 de Positive Security ont d\u00e9tect\u00e9 des failles dans une petite dizaine d\u2019applications qui permettaient d&rsquo;ex\u00e9cuter du code malveillant par l\u2019interm\u00e9diaire d\u2019un lien pi\u00e9g\u00e9. Ces applications sont\u00a0: VLC, Telegram, LibreOffice, OpenOffice, Bitcoin Desktop Client, Nextcloud, Wireshark et Mumble.<\/strong><\/p>\n\n\n\n<p>Ces vuln\u00e9rabilit\u00e9s existaient&nbsp;car ces applications n\u2019utilisaient pas les pr\u00e9cautions suffisantes quand elles \u00e9taient confront\u00e9es \u00e0 des gestionnaires d\u2019identifiants de ressources (Uniform Resource Identifier, URI) tels que ftp, sftp, file, mailto, nfs, etc. Dans les navigateurs, ce genre de liens provoquent syst\u00e9matiquement des alertes, mais les autres applications n&rsquo;ont pas forc\u00e9ment le m\u00eame niveau de protection.<\/p>\n\n\n\n<p>Les chercheurs ont d\u00e9montr\u00e9 ces failles par une s\u00e9rie de vid\u00e9os. Celle sur VLC est particuli\u00e8rement int\u00e9ressante, car elle exploite l\u2019option contextuelle \u00ab&nbsp;Show containing folder\u2026&nbsp;\u00bb d\u2019une liste d\u2019\u00e9coute. L\u2019utilisateur ne se rend m\u00eame pas compte que son action provoque l\u2019ouverture d\u2019un lien pi\u00e9g\u00e9.<\/p>\n\n\n\n<p>Certains logiciels ont d\u2019ores et d\u00e9j\u00e0 \u00e9t\u00e9 patch\u00e9s. Pour d\u2019autres, c\u2019est en cours. En attendant, il faut rester vigilant si vous utilisez l\u2019un de ces logiciels.<\/p>\n\n\n\n<p><strong>Source<\/strong>:&nbsp;<a href=\"https:\/\/positive.security\/blog\/url-open-rce#introduction\" target=\"_blank\" rel=\"noreferrer noopener\">Positive Security<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ouvrir un lien ou un chemin d\u2019acc\u00e8s n\u2019est jamais sans risque, y compris dans des applications desktop classiques. Des chercheurs en s\u00e9curit\u00e9 de Positive Security ont d\u00e9tect\u00e9 des failles dans [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1326,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,11,41],"tags":[],"class_list":["post-1325","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-actualite","category-cybersecurite","category-reseaux-sociaux"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice - Parlons Techs - Store<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice - Parlons Techs - Store\" \/>\n<meta property=\"og:description\" content=\"Ouvrir un lien ou un chemin d\u2019acc\u00e8s n\u2019est jamais sans risque, y compris dans des applications desktop classiques. Des chercheurs en s\u00e9curit\u00e9 de Positive Security ont d\u00e9tect\u00e9 des failles dans [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/\" \/>\n<meta property=\"og:site_name\" content=\"Parlons Techs - Store\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-21T19:35:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-39.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"265\" \/>\n\t<meta property=\"og:image:height\" content=\"119\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"wisdom\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"wisdom\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/\"},\"author\":{\"name\":\"wisdom\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#\\\/schema\\\/person\\\/a93526e9c6c72ccb484abb7008892823\"},\"headline\":\"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice\",\"datePublished\":\"2021-04-21T19:35:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/\"},\"wordCount\":242,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-39.jpg\",\"articleSection\":[\"Actualit\u00e9\",\"CyberS\u00e9curit\u00e9\",\"R\u00e9seaux Sociaux\"],\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/\",\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/\",\"name\":\"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice - Parlons Techs - Store\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-39.jpg\",\"datePublished\":\"2021-04-21T19:35:01+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#\\\/schema\\\/person\\\/a93526e9c6c72ccb484abb7008892823\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#primaryimage\",\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-39.jpg\",\"contentUrl\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/at-39.jpg\",\"width\":265,\"height\":119},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/2021\\\/04\\\/21\\\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#website\",\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/\",\"name\":\"Parlons Techs - Store\",\"description\":\"Toute L&#039;Actualit\u00e9 sur La Technologie et La Science\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/#\\\/schema\\\/person\\\/a93526e9c6c72ccb484abb7008892823\",\"name\":\"wisdom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g\",\"caption\":\"wisdom\"},\"sameAs\":[\"https:\\\/\\\/parlonstechs.com\\\/all\"],\"url\":\"https:\\\/\\\/parlonstechs.com\\\/all\\\/author\\\/wisdom\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice - Parlons Techs - Store","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/","og_locale":"fr_FR","og_type":"article","og_title":"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice - Parlons Techs - Store","og_description":"Ouvrir un lien ou un chemin d\u2019acc\u00e8s n\u2019est jamais sans risque, y compris dans des applications desktop classiques. Des chercheurs en s\u00e9curit\u00e9 de Positive Security ont d\u00e9tect\u00e9 des failles dans [&hellip;]","og_url":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/","og_site_name":"Parlons Techs - Store","article_published_time":"2021-04-21T19:35:01+00:00","og_image":[{"width":265,"height":119,"url":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-39.jpg","type":"image\/jpeg"}],"author":"wisdom","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"wisdom","Dur\u00e9e de lecture estim\u00e9e":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#article","isPartOf":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/"},"author":{"name":"wisdom","@id":"https:\/\/parlonstechs.com\/all\/#\/schema\/person\/a93526e9c6c72ccb484abb7008892823"},"headline":"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice","datePublished":"2021-04-21T19:35:01+00:00","mainEntityOfPage":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/"},"wordCount":242,"commentCount":0,"image":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#primaryimage"},"thumbnailUrl":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-39.jpg","articleSection":["Actualit\u00e9","CyberS\u00e9curit\u00e9","R\u00e9seaux Sociaux"],"inLanguage":"fr-FR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/","url":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/","name":"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice - Parlons Techs - Store","isPartOf":{"@id":"https:\/\/parlonstechs.com\/all\/#website"},"primaryImageOfPage":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#primaryimage"},"image":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#primaryimage"},"thumbnailUrl":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-39.jpg","datePublished":"2021-04-21T19:35:01+00:00","author":{"@id":"https:\/\/parlonstechs.com\/all\/#\/schema\/person\/a93526e9c6c72ccb484abb7008892823"},"breadcrumb":{"@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#primaryimage","url":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-39.jpg","contentUrl":"https:\/\/parlonstechs.com\/all\/wp-content\/uploads\/2021\/04\/at-39.jpg","width":265,"height":119},{"@type":"BreadcrumbList","@id":"https:\/\/parlonstechs.com\/all\/2021\/04\/21\/attention-aux-liens-pieges-dans-vlc-telegram-et-libreoffice\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/parlonstechs.com\/all\/"},{"@type":"ListItem","position":2,"name":"Attention aux liens pi\u00e9g\u00e9s dans VLC, Telegram et LibreOffice"}]},{"@type":"WebSite","@id":"https:\/\/parlonstechs.com\/all\/#website","url":"https:\/\/parlonstechs.com\/all\/","name":"Parlons Techs - Store","description":"Toute L&#039;Actualit\u00e9 sur La Technologie et La Science","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/parlonstechs.com\/all\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/parlonstechs.com\/all\/#\/schema\/person\/a93526e9c6c72ccb484abb7008892823","name":"wisdom","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e752642935d05c7ef20c7ff136e0baadd18b8f39f34dbcffed7f1221cb763284?s=96&d=mm&r=g","caption":"wisdom"},"sameAs":["https:\/\/parlonstechs.com\/all"],"url":"https:\/\/parlonstechs.com\/all\/author\/wisdom\/"}]}},"_links":{"self":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts\/1325","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/comments?post=1325"}],"version-history":[{"count":1,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts\/1325\/revisions"}],"predecessor-version":[{"id":1327,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/posts\/1325\/revisions\/1327"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/media\/1326"}],"wp:attachment":[{"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/media?parent=1325"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/categories?post=1325"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/parlonstechs.com\/all\/wp-json\/wp\/v2\/tags?post=1325"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}