http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/ (blog 'DidierStevens) Sat, 13 Mar 2010 20:14:25 +0000 http://wordpress.com/ hourly 1 http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-37762 PDF Bomb | 4x PDF Blog Mon, 01 Mar 2010 23:44:54 +0000 http://didierstevens.wordpress.com/?p=392#comment-37762 [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it the [...] [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it the [...]

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-36085 Didier Stevens Thu, 05 Nov 2009 16:53:29 +0000 http://didierstevens.wordpress.com/?p=392#comment-36085 Take a look at the PDF Reference document http://www.adobe.com/devnet/pdf/pdf_reference.html And for flatedecode, research zlib compression. Take a look at the PDF Reference document http://www.adobe.com/devnet/pdf/pdf_reference.html
And for flatedecode, research zlib compression.

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-36082 khushi Thu, 05 Nov 2009 08:05:05 +0000 http://didierstevens.wordpress.com/?p=392#comment-36082 what is the way to understand the text encoded...can v write the text in its normal form...?bt i want to u'stand flatedecode filter in depth...how to canvert the characters in normal form...?and how are the offsets managed...i want to understand the internal structure of a pdf document in depth..any sites..?? what is the way to understand the text encoded…can v write the text in its normal form…?bt i want to u’stand flatedecode filter in depth…how to canvert the characters in normal form…?and how are the offsets managed…i want to understand the internal structure of a pdf document in depth..any sites..??

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-34931 PDF Filter Abbreviations « Didier Stevens Mon, 11 May 2009 00:01:24 +0000 http://didierstevens.wordpress.com/?p=392#comment-34931 [...] Filed under: My Software, PDF — Didier Stevens @ 0:00 @binjo ’s tweet made me realize PDF filter abbreviations do apply to stream objects too, although the PDF reference document only defines them [...] [...] Filed under: My Software, PDF — Didier Stevens @ 0:00 @binjo ’s tweet made me realize PDF filter abbreviations do apply to stream objects too, although the PDF reference document only defines them [...]

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-34246 Quickpost: /JBIG2Decode Essentials « Didier Stevens Mon, 02 Mar 2009 23:11:57 +0000 http://didierstevens.wordpress.com/?p=392#comment-34246 [...] at the PDF code of the /JBIG2Decode vulnerability. It doesn’t have to be an XObject, just a stream object with a /JBIG2Decode [...] [...] at the PDF code of the /JBIG2Decode vulnerability. It doesn’t have to be an XObject, just a stream object with a /JBIG2Decode [...]

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-33323 PDF Bomb Thu, 14 Aug 2008 08:28:23 +0000 http://didierstevens.wordpress.com/?p=392#comment-33323 [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it the [...] [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it the [...]

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-32892 Didier Stevens Wed, 28 May 2008 20:40:04 +0000 http://didierstevens.wordpress.com/?p=392#comment-32892 It's true that these filters are lossy, but the first 3 of them take parameters, and I believe it's possible to parameterize a lossless compression. But I have not tested this. It’s true that these filters are lossy, but the first 3 of them take parameters, and I believe it’s possible to parameterize a lossless compression. But I have not tested this.

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-32890 Vesselin Bontchev Wed, 28 May 2008 18:03:16 +0000 http://didierstevens.wordpress.com/?p=392#comment-32890 Some of these filters cannot be used to hide scripts with exploits, because they do lossy compression and are suitable only for images. I think (but am not 100% sure) that CCITTFaxDecode, JBIG2Decode, DCTDecode and JPXDecode all fall in this category. They might be usable for a denial-of-service attack (the equivalent of the ZIP bomb), although I have my doubts about that too. Some of these filters cannot be used to hide scripts with exploits, because they do lossy compression and are suitable only for images. I think (but am not 100% sure) that CCITTFaxDecode, JBIG2Decode, DCTDecode and JPXDecode all fall in this category. They might be usable for a denial-of-service attack (the equivalent of the ZIP bomb), although I have my doubts about that too.

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-32887 PDF Bomb - PDFalerts Tue, 27 May 2008 20:09:04 +0000 http://didierstevens.wordpress.com/?p=392#comment-32887 [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it [...] [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it [...]

]]>