HTTP: EmbeddedFile contained within a PDF

This signature detects PDF files with files embedded inside them using the EmbeddedFile property. These files are commonly used as containers for malware that is exploiting non-PDF vulnerabilities. They also, however, have legitimate uses. If your organization uses PDF files with EmbeddedFile features, this signature may trigger on non-malicious files.

Extended Description

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

Affected Products

Adobe acrobat_reader

References

BugTraq: 38195

CVE: CVE-2010-0188

Short Name
HTTP:STC:ADOBE:PDF-EMBEDDEDFILE
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2010-0188 EmbeddedFile PDF a bid:38195 contained within
Release Date
01/28/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3724
False Positive
Occasionally
Vendors

Adobe

Found a potential security threat?