[Info-vax] VMS v8.4 Documentation CDROM bugs

Paul Sture nospam at sture.ch
Thu May 7 14:47:48 EDT 2015


On 2015-05-07, Jan-Erik Soderholm <jan-erik.soderholm at telia.com> wrote:
> Stephen Hoffman skrev den 2015-05-07 19:47:
>> On 2015-05-07 17:39:10 +0000, Jan-Erik Soderholm said:
>>
>>> Distributing anything (docs or software) on CD is very outdated.
>>
>> Alas, just as certain as you are that the physical-media approach is "very
>> outdated", there are folks that are equally certain that these newfangled
>> networks are hazardous and best avoided.
>>
>>
>> n.b.: I was certainly once in the former group, but I'm increasingly
>> leaning toward the latter group and particularly when unencrypted and
>> unauthenticated network transports are involved.
>>
>
> What is the security problem with downloading a publicly
> available PDF file?

When it's downloaded using plain HTTP and a Man in the Middle attacker
decides to put a malformed PDF in its place.

A history of Adobe Reader vulnerabilities:

<http://www.cvedetails.com/product/497/Adobe-Acrobat-Reader.html?vendor_id=53>

Although some of us stopped using Adobe Reader about a decade ago, other
products have also had vulnerabilities along the way. :-(

-- 
I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as
equals.                                            -- Winston Churchill



More information about the Info-vax mailing list