Full Disclosure mailing list archives
Re: PDF's unsafe?
From: Matthew Murphy <mattmurphy () kc rr com>
Date: Wed, 21 Sep 2005 11:40:00 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Geo. wrote: |>> and I know it doesn't run javascript or allow | | executable attachments in PDF's, like Adobe's does.<< | | Executable attachments? How? | | Geo. Not sure exactly how you go about adding them to documents, but Zulu's PDF worm broke the ice on this subject back in 2001: http://securityresponse.symantec.com/avcenter/venc/data/vbs.peachypdf () mm html Zulu's PDF worm only functions in the Full Acrobat, which is a blessing, but I'd bet something similar is possible with the JavaScript support in the Adobe Reader. I don't have the ability to create such full-featured PDFs, but it's fairly obvious that PDFs are a little too "rich" for a simple document format. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDMYzffp4vUrVETTgRA4BNAJ4uUc8voYrJdp4DW2UW0vrlGUV5ewCglljP tudxmJiyKGTZj/NInr4jclo= =NWT1 -----END PGP SIGNATURE-----
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- PDF's unsafe? Geo. (Sep 21)
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- Re: PDF's unsafe? Andrew Haninger (Sep 21)
- Re: PDF's unsafe? Brent Colflesh (Sep 21)
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- RE: PDF's unsafe? ad (Sep 21)
- Message not available
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- RE: PDF's unsafe? Geo. (Sep 21)
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- Re: PDF's unsafe? Matthew Murphy (Sep 21)
- Re: PDF's unsafe? Alex (Sep 21)
- Re: PDF's unsafe? Andrew Haninger (Sep 21)
- Re: PDF's unsafe? Micheal Espinola Jr (Sep 21)
- RE: PDF's unsafe? y0himba (Sep 21)
- <Possible follow-ups>
- Re: PDF's unsafe? Gina H Montgomery (Sep 22)
- Re: PDF's unsafe? Xyberpix (Sep 23)