lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: christoph.schnidrig at csnc.ch (Christoph Schnidrig) Subject: OT: Tool for sanitizing MS office documents? Moreover, document fields gets also included. Even worse any kind of files can be embedded into PDF files. A lot of AVP do not detect embedded viruses in PDFs... Check out "Adobe Reader Speed-Up" on http://www.tnk-bootblock.co.uk/ in order to remove unnecessary plugins from your Acrobat Reader. Best Regards Christoph -----Original Message----- From: full-disclosure-bounces@...ts.netsys.com [mailto:full-disclosure-bounces@...ts.netsys.com] On Behalf Of Florian Weimer Sent: Montag, 31. Januar 2005 18:11 To: Clement Dupuis Cc: 'David Gianndrea'; full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] OT: Tool for sanitizing MS office documents? * Clement Dupuis: > This is why so many companies have adopted the PDF format for document > exchange. What you see is what it is, no hidden code or revision bits. This view is a bit too simplistic. PDF files can contain layers, and the text that is nicely covered by those black rectangle may still be present in the document. In general, PDF documents are not too bad an idea, though. At least it avoids the embarrassment of embedded OLE objects which contain far more information that is actually visible in the parent document (and I don't think Microsoft's tool addresses this because it would castrate the document). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists