 |
Puppy Linux Discussion Forum Puppy HOME page : puppylinux.com "THE" alternative forum : puppylinux.info
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in|
The time now is Wed 19 Jun 2013, 22:15 All times are UTC - 4 |
 Forum index » Off-Topic Area » Security |
|
Embedded PDF exe hack goes live in Zeus malware attack
|
 
|
View previous topic :: View next topic |
| Page 1 of 1 [8 Posts] |
| Author | Message | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Flash
Official Dog Handler  Joined: 04 May 2005 Posts: 9911 Location: Arizona USA |
http://blogs.zdnet.com/security/?p=6196&tag=nl.e550
Which means it's on by default. 
|
||||||||||||
|
|||||||||||||
 |
|||||||||||||
Makoto
 Joined: 03 Sep 2009 Posts: 1407 Location: Out wandering... maybe. |
I'll admit I haven't been paying close attention to the PDF format for a while... but since when could you embed things in a PDF that would require an external viewer? Isn't PDF supposed to be more or less self-contained? Or was it just being nice and allowing users to specify their own viewers for some of the embedded files? Either way, you'd think that would practically invite an exploit of some sort...
_________________ [ Puppy 4.3.1 JP, Frugal install | 1GB RAM | 1.3GB swap ] * My Pidgin Builds for Puppy 4.3.1 In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011). |
||||||||||||
|
|||||||||||||
|
|||||||||||||
|
Lobster
Official Crustacean  Joined: 04 May 2005 Posts: 15109 Location: Paradox Realm |
PDF includes a specialised programming language . . . just as MS Office have powerful script option (programming) I think OpenOffice has no or little macros support - is that right? Firefox and Seamonkey contain XUL programming capacity . . . and the list goes on . . . Perl, javascript, Actionscript (Flash language) . . . and that is on top of the existing mainstream languages http://puppylinux.org/wikka/ProgrammingLanguages _________________ Puppy WIKI |
||||||||||||
|
|||||||||||||
|
|||||||||||||
|
Makoto
Joined: 03 Sep 2009 Posts: 1407 Location: Out wandering... maybe. |
Yeah, but I was wondering when Adobe thought it'd be a good idea to allow anyone to embed practically anything in a PDF (if that's the case), and allow even the remote possibility of opening another app to handle that content. That's potentially an avenue for risk, right there. Hrm. I don't want to have to worry if my PDF reader for Linux, my handhelds, whatever, will be able to handle embedded videos in a PDF. 
_________________ [ Puppy 4.3.1 JP, Frugal install | 1GB RAM | 1.3GB swap ] * My Pidgin Builds for Puppy 4.3.1 In memory of our beloved American Eskimo puppy (1995-2010) and black Lab puppy (1997-2011). |
||||||||||||
|
|||||||||||||
|
|||||||||||||
dru5k1
 Joined: 11 Apr 2010 Posts: 72 |
haha, "We've shipped this with an open invitation to hackers... "IF" you check back at our website, then you'll be one of the lucky ones that "CAN" close this hole" thanx for the good read Flash |
||||||||||||
|
|||||||||||||
|
|||||||||||||
|
DMcCunney
Joined: 02 Feb 2009 Posts: 894 |
Adobe embeds ActionScript, which is a variant of JavaScript, based on the ECMAScript specification (and Adobe and Mozilla are collaborating on future revisions to JavaScript and the ECMA standard.)
Microsoft includes a subset of Visual Basic called Visual Basic for Applications in the Office product line.
It's wrong. Open Office includes a macro capability and a version of Basic. It's required for compatibility with MS Office files. There's an OO macro repository here: http://www.ooomacros.org/
XUL is an XML language for writing User Interfaces. You can use it with widgets to define what your application looks like. To go beyond that and actually do things you have to write in JavaScript.
And I think that entry is out of date. Isn't Perl a standard port of current Puppy distros? (If it isn't, it ought to be. It's in every [o]other[/i] Linux distro I'm aware of.) ______ Dennis |
||||||||||||
|
|||||||||||||
|
|||||||||||||
Sit Heel Speak
 Joined: 30 Mar 2006 Posts: 2595 Location: downwind |
Thank you very much for the rundown of scripting language inclusions! |
||||||||||||
|
|||||||||||||
|
|||||||||||||
|
DMcCunney
Joined: 02 Feb 2009 Posts: 894 |
Thanks. I wasn't sure, because I automatically install it as one of the first additions to a new installation if the distro doesn't include it.
I just scratched the surface. TECO is available for Linux for the incurably retro (I posted a Linux version to the forums a while back). IBM's REXX language is available, in both Regina and IBM Object REXX builds. Lua gets used in Puppy, and is being embedded as a scripting language in a variety of things. (I believe Geany can be scripted in Lua.) TclTk is available for Puppy, as well as every other distro I'm aware of. Properly speaking, Python and Ruby are scripting languages, embeddable in other things, but each is powerful enough that complete applications can be written in it, similar to what is done with Java. And that doesn't count shell scripting in ash, bash, csh, ksh, tcsh, or zsh among others. Offhand, I think JavaScript may be the hot current scripting language. It was designed to be lightweight, object oriented, and embeddable, and there's a formal spec for it and several open source implementations (including on in Java) . Most important, given its wide usage in web development, there are a large number of developers working in it. ______ Dennis |
||||||||||||
|
|||||||||||||
|
|||||||||||||
Embedded PDF exe hack goes live in Zeus malware attack
| Page 1 of 1 [8 Posts] |
|
|
View previous topic :: View next topic |
|
Forum index » Off-Topic Area » Security |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum |
Powered by phpBB © 2001, 2005 phpBB Group