- Systematic analysis of insecure PDF features allowed in incremental updates
- Tool-Set for (semi-)automated generation of PDF test-cases
- Tool-Set for (semi-)automated evaluation of manipulated PDF documents
In following folder you can find 4 exploits and 2 applications (Foxit and PDF Studio). Your task is to analyze and understand the exploits. You should answer the following questions for each exploit.
- Which application is vulnerable against which exploit?
- Which class of attacks against PDF Signatures do you recognize?
- Where in the PDF do you find the exploit?
- What does the exploit do? How it circumvents the validation logic?
Submit the answers to these questions to email@example.com.
- Lecture Message-Level Security