header-logo
Suggest Exploit
vendor:
PDF Specification
by:
Unknown
7.5
CVSS
HIGH
Signature-Collision Attack
347
CWE
Product Name: PDF Specification
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: pdf
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

PDF Signature Collision Attack

The Portable Document Format (PDF) specification is prone to a signature-collision attack when signing PDF documents. An attacker can exploit this issue to create PDF documents containing forged signatures. Successfully exploiting this issue will result in the application accepting the signature of a document as valid when it is not. This may result in a false sense of security; other attacks are also possible.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/42377/info

The Portable Document Format (PDF) specification is prone to a signature-collision attack when signing PDF documents.

An attacker can exploit this issue to create PDF documents containing forged signatures. Successfully exploiting this issue will result in the application accepting the signature of a document as valid when it is not. This may result in a false sense of security; other attacks are also possible.

All products conforming to the specification for signing PDF documents are affected by this issue. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34437.tar.gz

Navigation

Suggest Exploit

Services By CQR