Bugtraq mailing list archives
Re: Millions of PDF invisibly embedded with your internal disk paths
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 05 Dec 2009 10:50:37 +1300
Ian Bradshaw wrote:
This isn't a security issue its a privacy issue.
If the leaked, embedded paths can be things like UNCs or IP-based internal server addresses, it is arguably a bit more than a privacy issue, allowing silent, external, partial mapping of the corporate intranet. Not good if your organization is in the habit of making lots of PDFs more or less publicly available from many departments, etc... Definitely something the security team should be aware of and (probably) making sure there are policies, and as necessary, amelioration tools and processes, to handle such. Regards, Nick FitzGerald
Current thread:
- Re: Millions of PDF invisibly embedded with your internal disk paths Pavel Machek (Dec 03)
- Message not available
- RE: Millions of PDF invisibly embedded with your internal disk paths Thor (Hammer of God) (Dec 04)
- RE: Millions of PDF invisibly embedded with your internal disk paths Ian Bradshaw (Dec 04)
- Re: Millions of PDF invisibly embedded with your internal disk paths Nick FitzGerald (Dec 07)
- RE: Millions of PDF invisibly embedded with your internal disk paths Thor (Hammer of God) (Dec 10)
- RE: Millions of PDF invisibly embedded with your internal disk paths Thor (Hammer of God) (Dec 04)
- Re: Millions of PDF invisibly embedded with your internal disk paths Nick FitzGerald (Dec 07)
- Message not available
- Message not available
- Re: Millions of PDF invisibly embedded with your internal disk paths Pavel Machek (Dec 07)