Watch out for PDFs
Submitted by FenP on Mon, 2007-08-13 08:44.
Technology
Hey I'm seeing a rash of PDF files sent as attachments. You widows people be careful, I sandboxed and opened one it has a nasty little trojan.
any way cheers
who says PDFs are safe
Submitted by FenP on Sat, 2008-03-15 16:08.
Multiple vulnerabilities have been discovered in Adobe Acrobat Reader,
including:
* A file disclosure when using file:// in PDF documents
(CVE-2007-1199)
* Multiple buffer overflows in unspecified Javascript methods
(CVE-2007-5609)
* An unspecified vulnerability in the Escript.api plugin
(CVE-2007-5663)
* Incorrect handling of printers (CVE-2008-0667)
* An integer overflow when passing incorrect arguments to
"printSepsWithParams" (CVE-2008-0726)
When life gives you lemons, make lemonade, pee in it, and serve it to the people that piss you off. And supa-fly koncas has some fries if you want some! (No ideal what he might have done with them though :)
Learn then talk
Submitted by doingjohny on Sat, 2007-09-22 02:31.
PDF files can't contain any form of malicious virus, worm or threat, why?
Do this first, open your PDF files with Windows Notepad... yes you're right it is plain text and nothing else, more, it is a human-like description of the content of the each page and the only possible interpret is the Acrobat Reader (copyrighted) which it is a Screen Printer and nothing else. It does not execute binaries or interfere with the resources of your system because it is platform independent and have it own proprietary stuff to work with, it does the same on any other OS whether be Linux, MAX, OS2, Windows, DOS, anyway.
Second, due to the structure of the PDF file any infested image, object or data would fail to render or execute in Acrobat Reader, because additional binary coding attach to this elements will malform the PostScript language and page elements will output errors ranther than be executed by a program (Reader) that can't recognized or executed binaries.
Enough talk, PDF is safe.
I hear ya
Submitted by FenP on Tue, 2007-08-14 10:54.
Iv'e noticed that for a couple of years, it's just right now I'm seeing a huge spike in the amount of em floating around.
When life gives you lemons, make lemonade, pee in it, and serve it to the people that piss you off. And supa-fly koncas has some fries if you want some! (No ideal what he might have done with them though :)
FenP
Submitted by punisher on Tue, 2007-08-14 10:49.
I get those at least three times a week.
Im telling you!...we M$ users get all the fun.
Id be bored if something wasnt going wrong every 10 mins...hehe
"this is not revenge but punishment"
i saw those
Submitted by YelloW on Mon, 2007-08-13 22:14.
but of course, i deleted them all becuase none were from anybody i know, plus the file name didn't make any sense.
"Ambition is the last refuge of failure." Oscar Wilde
As to it being plain text.
so is a batch file, C, C++ until they are compiled. Guess what the "reader" compiles the PDF. It can use Java, and with the buffer overruns it allows you to run arbritary code. So don't be so flipant about threats unless you do your reasearch first.
When life gives you lemons, make lemonade, pee in it, and serve it to the people that piss you off. And supa-fly koncas has some fries if you want some! (No ideal what he might have done with them though :)