Security Threats Lurk in Adobe PDF Documents

Tuesday, January 04, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

A security analyst released some stunning findings on security bugs in Adobe PDF documents at the recent 27th Chaos Communication Congress in Berlin, Germany.

Julia Wolf, a researcher with the company FireEye, identified several flaws in the portable document file standard that produce some serious vulnerabilities.

One finding shows the ability for a PDF to contain code for a database scanner that activates when the document is sent to a hub printer and can scan the entire network.

Another of Wolf's findings shows how the same PDF document can display different text when viewed with various browsers, readers and operating systems.

Wolf also highlighted other vulnerabilities with the ubiquitous document format that can be exploited to carry out attacks by activating malicious programs in Acrobat Reader, and by the format's ability to support features with flawed code like JavaScript, Flash files, digital rights management options and XML.

The problems are compounded by the fact that most antivirus software does not detect malicious code in PDF documents, noting that 40 AVs tested did not pick up the threats even when the malware advisories were several months old.

If the malicious code was compressed or in Javascript, the success rate for detection even lower.

Adobe plans to issue a sandbox feature to allow code to be executed in a secure mode in their next version.

Source:  http://www.h-online.com/security/news/item/27C3-danger-lurks-in-PDF-documents-1162166.html

Possibly Related Articles:
11981
Vulnerabilities
Adobe Antivirus malware Javascript Vulnerabilities Headlines Threats PDF
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.