At­tacks on PDF Cer­ti­fi­ca­ti­on

  1. Home
  2. /
  3. Netz- und Datensicherheit
  4. /
  5. Weitere Infos
  6. /
  7. Nachrichten
  8. /
  9. At­tacks on PDF Cer­ti­fi­ca­ti­on

At­tacks on PDF Cer­ti­fi­ca­ti­on

25.​05.​2021 – Simon Rohl­mann

At the „IEEE Sym­po­si­um on Se­cu­ri­ty and Pri­va­cy 2021“ we pu­blis­hed a new paper on PDF se­cu­ri­ty: „Brea­king the Spe­ci­fi­ca­ti­on: PDF Cer­ti­fi­ca­ti­on„.

We pre­sent two novel at­tacks on cer­ti­fied do­cu­ments: Sne­aky Si­gna­tu­re and Evil An­no­ta­ti­on At­tack. We also de­mons­tra­te how an at­ta­cker can gain rights to exe­cu­te ar­bi­tra­ry Ja­va­Script code in Adobe Acro­bat.

More in­for­ma­ti­on can be found on pdf-in­se­cu­ri­ty.​org and in our blog­post „At­tacks on PDF Cer­ti­fi­ca­ti­on

tags: cer­ti­fi­ca­ti­on, PDF, pdf-se­cu­ri­ty, pdf-si­gna­tu­res