[EMAIL PROTECTED] said:
>[EMAIL PROTECTED] writes:
>> Following that logic, such an exploit could be accomplished with a JPG
>> viewer or, for that matter, Paint. The PDF document is simply text,
>> graphics, and formatting information, similar to a postscript file. To
my
>> knowledge, it doesn't contain any script or code; nor can the PDF
viewer
>> execute any code based on the data in the file.
>>
>Unfortunately, Postscript is post *script*.
>It is a programming language. As was pointed out in an earlier thread,
>someone has even written an http server in postscript.
>You don't need a buffer overflow. It's built in.
>PDF is a slight modification of Postscript.
>
More than slight. From what I'm told, PDF was specifically designed to
remove the fact that Postscript is Turing-complete (i.e. you can do any
programming you want in it), so the danger of someone writing a virus in
PDF would be eliminated (note, I said designed with that in mind, I don't
know if it's possible or not). Of course, buffer overflows don't need a
programming language.
jeff
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
