| The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them. |
|
 |
|
|
|
vulnerability alert 8796
Kaspersky Antivirus: bypassing via PDF
Synthesis of the vulnerability
| An attacker can create a PDF archive containing a virus which is not detected by Kaspersky. |
Severity: 2/4.
Creation date: 15/06/2009.
|
Impacted products
Description of the vulnerability
The body of a PDF document starts with the "%PDF" tag and ends with the last "%%EOF" tag. Lines located before and after these tags are ignored by Adobe Acrobat and FoxitReader.
However, if an attacker creates a malicious PDF document containing a line before the "%PDF" tag, Kaspersky products do not recognize the PDF format.
An attacker can therefore create a PDF archive containing a virus which is not detected by Kaspersky products. |
Share this bulletin
Complete Vigil@nce bulletin
Characteristics
Title: Kaspersky Antivirus: bypassing via PDF.
Keywords: Acrobat Adobe Antivirus EOF FoxitReader Kaspersky PDF bypassing.
Identifiers: TZO-30-2009, VIGILANCE-VUL-8796.
|
Information sources
Computer vulnerabilities tracking service
Vigil@nce provides network vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.
|
