http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/ (blog 'DidierStevens) Tue, 06 Jan 2009 05:23:15 +0000 http://wordpress.org/?v=MU hourly 1 http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-33323 PDF Bomb Thu, 14 Aug 2008 08:28:23 +0000 http://didierstevens.wordpress.com/?p=392#comment-33323 [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it the [...] [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it the [...]

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-32892 Didier Stevens Wed, 28 May 2008 20:40:04 +0000 http://didierstevens.wordpress.com/?p=392#comment-32892 It's true that these filters are lossy, but the first 3 of them take parameters, and I believe it's possible to parameterize a lossless compression. But I have not tested this. It’s true that these filters are lossy, but the first 3 of them take parameters, and I believe it’s possible to parameterize a lossless compression. But I have not tested this.

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-32890 Vesselin Bontchev Wed, 28 May 2008 18:03:16 +0000 http://didierstevens.wordpress.com/?p=392#comment-32890 Some of these filters cannot be used to hide scripts with exploits, because they do lossy compression and are suitable only for images. I think (but am not 100% sure) that CCITTFaxDecode, JBIG2Decode, DCTDecode and JPXDecode all fall in this category. They might be usable for a denial-of-service attack (the equivalent of the ZIP bomb), although I have my doubts about that too. Some of these filters cannot be used to hide scripts with exploits, because they do lossy compression and are suitable only for images. I think (but am not 100% sure) that CCITTFaxDecode, JBIG2Decode, DCTDecode and JPXDecode all fall in this category. They might be usable for a denial-of-service attack (the equivalent of the ZIP bomb), although I have my doubts about that too.

]]> http://blog.didierstevens.com/2008/05/19/pdf-stream-objects/#comment-32887 PDF Bomb - PDFalerts Tue, 27 May 2008 20:09:04 +0000 http://didierstevens.wordpress.com/?p=392#comment-32887 [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it [...] [...] security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it [...]

]]>