Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

How to unsubscrube from dategen spam, WWWXXXAPC, docmd.close 2585, WWWXXXDOCO, nu vot, dhcpd lease file "binding state", WWWXXXDOCO, how to setup procmail to process html2text, how to setup procmail html2text, WWWXXXAPC.



#1: Flaw in FileOpen Publisher for Adobe PDF

Posted on 2004-09-23 07:28:36 by mixmaster

FileOpen Publisher is a product which encrypts PDF files so that only "authorized"
users may open them with the proper code. This code is provided in the form
of an authorization string from the content provider of the PDF. There appears
to be a ridiculous flaw in at least one version of FileOpen that allows one
to unencrypt the PDF file without an authorization string, as follows:

Double-click to open the FileOpen-protected PDF file.

A dialog box is presented asking the user to enter the authorization string
for the file.

Minimize this dialog box. Then right-click the minimized box on the taskbar,
and select Close. FileOpen closes, but not without first decrypting the PDF
file as if the proper authorization string had been provided(!). I do not know
which versions are affected, but this should be tested by anyone with access
to FileOpen-protected PDF files, and a bug fix issued for the affected versions.

Report this message