2 Replies Latest reply on Dec 22, 2013 9:26 PM by aprilevans587

    Handling of MIME encoded PDF's



      First post, so please be gentle


      I am looking at finding out the following information with regards to handling of .pdf's containing malicious code.


      What will happen if an applications code (.net CRE) decodes a MIME encoded PDF into memory which contains malicious code?


      I assume that the McAfee memory AV scanner should identify the malicious code signature and alert to this. But will it stop the code from passing the PDF to a Database (MS2005/2008) server where it is stored as a BLOB. If so, how will the exception handling work?


      NB. The PDF will be in a memory structure only, i.e. it will not be written to disk on the application servers hosting the application.



      The system is ePO 4.6.6, VSE 8.8, Agent 4.8


      I hope that the above makes some sense?


      Any help would be greatly appreciated.