25-10-04

do not trust pdf blindly

may antivirus systems do not scan pdf because it was considered safe (but that was the case with the internet also long ago)  You need to forget this and treat pdf as any other document with code possibilities, dangerous maybe.
 
1. Chris Evans has reported multiple vulnerabilities in Xpdf, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to some unspecified integer overflow errors, which potentially can be exploited to execute arbitrary code when a specially crafted PDF document is viewed
http://secunia.com/advisories/12917/
 
2. Jelmer has discovered a vulnerability in Adobe Acrobat and Adobe Reader, which can be exploited by malicious people to disclose sensitive information. The problem is that embedded Macromedia flash files are executed in a local context. This can be exploited to read local files by embedding a specially crafted flash file in a PDF file located on e.g. a malicious web site.
The vulnerability has been confirmed on Adobe Reader 6.01 and 6.02 for Windows.
Solution: Disable Javascript in Adobe Acrobat and Adobe Reader
http://secunia.com/advisories/12809/
 

 

13:57 Gepost door technology changes fast not a lot | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.