PDF still insecure

Hi malware fighters,

Opening up PDF files with Adobe can be dangerous, via file//URL’s javascript can enable cross scripting attacks on machines that store PDF files, and a means to steal data. Look for vulnerabilities on this page with various tests: http://www.gnucitizen.org/projects/pdf-strikes-back/poc.htm

polonus

Wordperfect Lightning opens my PDF’s and that doesn’t seen to make me vulnerable…

Holy smokes Bob, they just released the beta a couple of days ago didn’t they? If you’re not careful, you’re going to get so many things stuffed into that box, that’s it’s going to explode. (The term “blivet” comes to mind :))

In Open Office, I create a lot of PDF files on the fly, and I read PDF files with the current version of Adobe Reader from the Linux repositories, which is 7. But I do have version 8 installed in my windows partition, though I very seldom use it.

I’m not concerned in Linux, but it’s certainly something to keep in mind in Windows, and users there should pay attention to this, if they use Adobe often.

Polonus, I wasn’t aware of these vulnerabilities. Thanks for posting this. As always, your posts are very interesting.

Holy smokes Bob, they just released the beta a couple of days ago didn't they? If you're not careful, you're going to get so many things stuffed into that box, that's it's going to explode.
The 1.3 Tetra bytes of storage still has a long way to go before it needs to be increased. :)

Ya, I know what a tetra is, and I’m pretty sure they don’t byte.

http://en.wikipedia.org/wiki/Tetra

Same tetra but a different byte… :slight_smile:
http://en.wikipedia.org/wiki/Terabyte

Oh, tera, not tetra. Sorry, I got mixed up. You know though, I don’t think teras byte either, but I know these do…

http://en.wikipedia.org/wiki/Piranha

;D

All joking aside Bob, I assume that 1.3 terabytes is the sum total of all your hard drives? Must be nice…

Foxit reader seems to be OK, and it’s much lighter than Adobe.

http://www.foxitsoftware.com/