Portable Document Format - Specification Signature Collision

EDB-ID:

34437

CVE:

N/A




Platform:

Windows

Date:

2010-08-11


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/42377/info

The Portable Document Format (PDF) specification is prone to a signature-collision attack when signing PDF documents.

An attacker can exploit this issue to create PDF documents containing forged signatures. Successfully exploiting this issue will result in the application accepting the signature of a document as valid when it is not. This may result in a false sense of security; other attacks are also possible.

All products conforming to the specification for signing PDF documents are affected by this issue. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/34437.tar.gz