PDFs may pose threat to Unix, Linux

    Date27 Sep 2002
    3203
    Posted ByAnthony Pell
    A security flaw in commonly distributed file-viewing programs may make it possible for attackers to use Adobe Systems PDF and PostScript files to run malicious code on machines using the Unix or Linux operating systems, according to an advisory released by . . . A security flaw in commonly distributed file-viewing programs may make it possible for attackers to use Adobe Systems PDF and PostScript files to run malicious code on machines using the Unix or Linux operating systems, according to an advisory released by technology security company iDefense.

    The open source viewing programs, named gv, kghostview and ggv, are used to view PDF and PostScript files and are commonly packaged with popular versions of the Linux operating systems including those by Red Hat Inc. and the Debian Project, as well as common flavors of Unix such as those by Sun Microsystems, according to David Endler, director of technical intelligence at Chantilly, Va.-based iDefense.

    Using a flaw in the file-viewers' program code, an attacker could use a deliberately malformed PostScript or PDF file to cause a buffer overflow in the viewer that would enable code from the attacker to be run.

    Once executed, the code could e-mail malicious files onto the victim's system, delete the victim's files or worse, Endler said.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"7","type":"x","order":"1","pct":87.5,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":12.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.