The Portable Document Format (PDF) specification is prone to a signature-collision attack when signing PDF documents.
An attacker can exploit this issue to create PDF documents containing forged signatures. Successfully exploiting this issue will result in the application accepting the signature of a document as valid when it is not. This may result in a false sense of security; other attacks are also possible.
All products conforming to the specification for signing PDF documents are affected by this issue.