On 02/11/2015 09:27 AM, James B. Byrne wrote:> PDFs are known vectors for malware. They have been exploited in the > past and no doubt will be exploited in the future. ... > That said, I readily admit that the risk posed by this particular > example is low. But, it is not zero.As an example, I found and downloaded a spec sheet several years back for a ADVA FSP-II upstream equivalent to the Cisco Metro 1500 wavelength division multiplex platform. This PDF had an embedded Javascript exploit (yes, Adobe Reader does do Javascript) and that Windows machine was pwned in short order (and the user I was running as was not an administrator equivalent). I suspect that using Adobe Reader on CentOS could be just as dangerous (in terms of user data exfiltration and/or payload delivery for crypto-ransomware). Privilege escalation is not required for much mischief to be done. Random PDFs are and continue to be malware vectors.