English
FrenchSecurity
File Formats Security
Sat, 02/13/2010 - 13:00 — decalageThis is a series of articles about file formats and related security issues. In 2003 I had presented an article in French about this subject at the SSTIC conference: [SSTIC03]. In the following articles I will summarize it in English and provide updated information about common file formats.
Articles and presentations about IT Security
Here is a list of all articles and presentations I've published about IT Security so far.
ODF / OpenDocument format security
Tue, 03/09/2010 - 15:23 — decalageThis article describes the OpenDocument file format (ODF), related security issues and useful resources. [WORK IN PROGRESS]
For now, see http://www.decalage.info/opendocument_openxml
MS Office Open XML formats security (docx, xslx, pptx, ...)
Tue, 03/09/2010 - 15:19 — decalageThis article describes the Microsoft Office Open XML file formats (docx, xlsx, pptx), related security issues and useful resources. [WORK IN PROGRESS]
MS Office legacy/binary formats security (doc, xls, ppt, ...)
Mon, 03/08/2010 - 21:43 — decalageThis article describes the Microsoft Office legacy/binary file formats (doc, xls, ppt), related security issues and useful resources. [WORK IN PROGRESS]
PDF security
Sat, 02/13/2010 - 14:02 — decalageThis article describes the PDF file format, related security issues and useful resources. [WORK IN PROGRESS]
Using ExeFilter against PDF exploits and zero-days such as CVE-2009-4324
Wed, 01/06/2010 - 20:30 — decalageThis short article shows how ExeFilter can be used to disable JavaScript in PDF files, which is effective against many Adobe Reader exploits discovered in 2009, including the recent zero-day CVE-2009-4324.
OVALdi - an open-source local vulnerability assessment scanner
OVALdi, also named the OVAL Interpreter, is an open-source tool developed by MITRE to demonstrate how the OVAL language may be used to scan a computer for vulnerabilities. This article provides a few hints about how to use this tool.
pdfid - a Python module to analyze and clean PDF files
pdfid is a Python tool to analyze and sanitize PDF files, written by Didier Stevens. Here is a version that I have slightly modified to be imported as a module (originally for ExeFilter).
Origapy - a Python module to sanitize PDF files
Origapy is a Python interface to Origami, a PDF parser written in Ruby. It provides access to pdfclean.rb, in order to sanitize PDF files by disabling all active content (javascript, launch actions, embedded files, etc).
Except where otherwise noted, all content on this site www.decalage.info is licensed by Philippe Lagadec under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.