[Mimedefang] PDF vulnerability

David F. Skoll dfs at roaringpenguin.com
Tue Feb 24 15:10:26 EST 2009

WBrown at e1b.org wrote:

> Blocking PDF's is not going to be popular.  Can/will the AV definitions be
> able to detect malicious files?

According to http://vrt-sourcefire.blogspot.com/2009/02/have-nice-weekend-pdf-love.html,
ClamAV has signatures.

"The clam sigs are called Exploit.PDF-26, Exploit.PDF-27, and Exploit.PDF-28"

But, coming up with signatures is (as we all know) not a substitute for
proper security. :-(

I think I'll stick to "xpdf" for now.



More information about the MIMEDefang mailing list