Solved

safety of pdf

Posted on 2004-08-18
Last Modified: 2012-05-05
I know that MS Word documents can contain dangerous code.  I know that gif and jpgs are safe.

How about PDF, is that safe?

And, is there any easy way that I can make sure that an MSWord document does not contain executable code?  I need to do this on the server.

What we are trying to do is allow people to attach files to their data on our site.  We do not however want to allow them to attach things that may carry viruses and trojans and things.
0
Comment
Question by:jhurst
8 Comments
 
LVL 15

Expert Comment

by:Yan_west
ID: 11833097
There was some vulnerability in Adobe Acrobat Reader... the vulnerability is in the software.. you have to update to the most recent patch to fix it.. here are a few examples of vulnerabilities:

http://www.planetpdf.com/enterprise/article.asp?ContentID=6669
http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=27917
0
 
LVL 15

Expert Comment

by:Yan_west
ID: 11833115
BTW, the vulnerabilities are there, but I never heard about anyone having been exploited by them..
0
 
LVL 18

Accepted Solution

by:
chicagoan earned 63 total points
ID: 11833117
Nothing's 100% safe

http://www.securitytracker.com/alerts/2004/Aug/1010952.html

although in general a PDF may be safer than a word document.

You could (should) use a server-side virus scanner to scan incoming docs, which ought to make things reasonably secure.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 62 total points
ID: 11837302
A virus scanner will do the trick for most of the "popular" or viral exploits, but custom made ones are a bit tougher. JPEGs, GIFs and PNG files have all had an exploit in the past, but they mainly affected the viewing application, that's where the exploit was, not really the "Standard" of the datagram (jpg,gif,bmp,png,mp3,pdf...etc)

A program that I am finding more and more uses for is TDS-3, and it's quite good with its heuristics capabilities, even detects some really simple code (del *, rmdir *, rm -rf etc..) as well as more elaborate code in many file types... I've not looked into its use at detecting macros and such in M$ office docs but I will now ;) http://tds.diamondcs.com.au/
====
Which kinds of malicious software does TDS detect?
 
TDS essentially detects anything malicious that isn't a virus. This includes RAT Servers, RAT EditServers, RAT Clients, RAT Plugins, RAT DDoS Servers, FTP RATs, Droppers, Binded trojans, Packed Servers, Keyloggers, Spyware, Mail Trojans, Password Stealers, Internet Worms, mIRC Worms, Malicious DLLs, Monitors, Spyware, and many others.  
====
There are no exploits for Plain Text files... but for the most part, a good virus scanner will do the trick, as well as disabling macros in your office apps themselves, a disclaimer on your site may be necessary, as you cannot guarantee each document.

http://www.kb.cert.org/vuls/id/287067 (exploit for the app, or rather the way the app handles the malformed data... these could exist similarly with pdf's etc.)
-rich


0
 
LVL 8

Author Comment

by:jhurst
ID: 11837373
Guys, this was GREAT!

I think I am going to leave this open a little longer to see if there is any additional info that I get but what I have received so far will certainly get some, if not all, of the points.
0
 
LVL 8

Author Comment

by:jhurst
ID: 11837396
BTW, I realize that a reader/viewer is vulnerable to bugs/attacks etc, such as buffer overflow.  What I am more concerned about is the types of exploits that seem so common in word documents.  Clearly I am not going to allow .exe files.  The question really is, how restrictive should we be.

From what I am seeing so far, it seems that I should be fairly safe allowing PDF.

I am tending towards allowing:
gif, jpg, html, pdf and word
with different disclaimers for each.  Sort of pointing out that the latter ones are potentially more at risk than the earlier ones.
0
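A sketch of the server-side check asked about in this thread, as an added example that is not code from any poster: it identifies an upload by its leading bytes instead of its file name, rejects anything outside the gif/jpg/pdf/word list, and flags Word files that carry a VBA project and PDFs that reference active content. All function and variable names are hypothetical, the sample inputs are constructed, HTML is left out because it has no signature to match, and the checks are heuristics meant to run alongside the virus scanner recommended above.

```python
import io
import zipfile

OLE2 = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"     # legacy Office container (.doc, also .xls/.ppt)
VBA_DIR = "_VBA_PROJECT".encode("utf-16-le")   # OLE2 directory names are stored as UTF-16LE
PDF_ACTIVE = (b"/JavaScript", b"/JS", b"/OpenAction", b"/Launch", b"/EmbeddedFile")

def inspect_upload(data: bytes):
    """Return (kind, findings); kind is None when the content is not an allowed type."""
    if data[:6] in (b"GIF87a", b"GIF89a"):
        return "gif", []
    if data[:3] == b"\xff\xd8\xff":
        return "jpg", []
    if data[:5] == b"%PDF-":
        # Plain byte search: conservative, may over-report on binary streams.
        return "pdf", [n.decode() for n in PDF_ACTIVE if n in data]
    if data[:8] == OLE2:
        return "word", ["vba-macros"] if VBA_DIR in data else []
    if data[:4] == b"PK\x03\x04":               # .docx/.docm are ZIP archives
        try:
            names = zipfile.ZipFile(io.BytesIO(data)).namelist()  # reads the index only
        except zipfile.BadZipFile:
            return None, ["corrupt-zip"]
        if "word/document.xml" not in names:
            return None, ["zip-but-not-word"]
        macros = [n for n in names if n.lower().endswith("vbaproject.bin")]
        return "word", ["vba-macros"] if macros else []
    return None, ["type-not-allowed"]

def make_zip(members):
    """Build a constructed in-memory archive for the demo below."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name in members:
            z.writestr(name, b"constructed sample")
    return buf.getvalue()

if __name__ == "__main__":
    samples = {  # constructed inputs, not real documents
        "plain.docx": make_zip(["word/document.xml"]),
        "macro.docm": make_zip(["word/document.xml", "word/vbaProject.bin"]),
        "active.pdf": b"%PDF-1.4\n1 0 obj << /OpenAction 2 0 R >> endobj\n",
        "renamed.jpg": b"MZ\x90\x00 constructed executable header",
    }
    for name, blob in samples.items():
        print(name, inspect_upload(blob))
```

The PDF check only sees names written in the clear; names hidden inside compressed object streams or written with `#xx` escapes pass unflagged, which is why the result supplements a scanner instead of replacing it.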
