2 Replies Latest reply on Dec 22, 2013 9:26 PM by aprilevans587

    Handling of MIME encoded PDF's

    lord_summerisle

      Hi,

       

      First post, so please be gentle

       

      I am looking at finding out the following information with regards to handling of .pdf's containing malicious code.

       

      What will happen if an applications code (.net CRE) decodes a MIME encoded PDF into memory which contains malicious code?

       

      I assume that the McAfee memory AV scanner should identify the malicious code signature and alert to this. But will it stop the code from passing the PDF to a Database (MS2005/2008) server where it is stored as a BLOB. If so, how will the exception handling work?

       

      NB. The PDF will be in a memory structure only, i.e. it will not be written to disk on the application servers hosting the application.

       

       

      The system is ePO 4.6.6, VSE 8.8, Agent 4.8

       

      I hope that the above makes some sense?

       

      Any help would be greatly appreciated.