User:Usama4745/sandbox: Difference between revisions

From Wikipedia, the free encyclopedia
Usama4745 (talk | contribs)
Updating draft no. 2
Usama4745 (talk | contribs)
Updating draft no. 3
Line 3: Line 3:


'''Portable Document Format security''' is concerned with the protection of information and property from theft, corruption, and attack. Its main purpose it to make sure information is productive and accessible to its intended users.
'''Portable Document Format security''' is concerned with the protection of information and property from theft, corruption, and attack. Its main purpose it to make sure information is productive and accessible to its intended users.



== History ==
== History ==

From its early stages of development in the 1990s, PDF started including security features. Over the years, several threats have been clearly identified including the following:
From its early stages of development in the 1990s, PDF started including security features. Over the years, several threats have been clearly identified including the following:


* In 2003, the W32 Yourde virus that exploited a vulnerability in Acrobat 5.0.5 was discovered . A corrupted PDF document exploited a vulnerability in the JavaScript parsing engine to lead Acrobat into using plug-ins folders.
* In 2003, the W32 Yourde virus that exploited a vulnerability in Acrobat 5.0.5 was discovered . A corrupted PDF document exploited a vulnerability in the JavaScript parsing engine to lead Acrobat into using plug-ins folders.

* In 2000, a conceptual weakness was identified with the ability of Adobe reader to run malicious scripts related to a particular link. This attack used the XSS (Cross Site Scripting)
attack technique.


== Risks and vulnerabilities ==
== Risks and vulnerabilities ==


Adobe Reader and Acrobat products are supported by a large and complex code including several proprietary extensions. This apparent flexibility translates into a broad attack surface that is difficult for Adobe and anti-malware vendors to defend.
Adobe Reader and Acrobat products are supported by a large and complex code including several proprietary extensions. This apparent flexibility translates into a broad attack surface that is difficult for Adobe and anti-malware vendors to defend. For example, most PDF related tools allow their users to copy or print without paying attention to password or protection.<ref>{{cite web |url= http://www.cs.cmu.edu/~dst/Adobe/Gallery/PDFsecurity.pdf |title= How secure is PDF |author=Bryan Guignard}}</ref><ref>{{cite web |url= http://www.planetpdf.com/planetpdf/pdfs/pdf2k/01W/merz_securitykeynote.pdf |title= PDF Security Overview: Strengths and Weaknesses }}</ref><ref>{{cite web |url= http://www.macworld.com/article/1137343/pdf.html |title=Adobe admits new PDF password protection is weaker |author= Jeremy Kirk}}</ref>


Return-oriented programming (ROP) and stolen digital certificates have played significant roles in recent [[Exploit (computer security)|exploits]].


=== Exploits ===
=== Exploits ===
{{see also|Adobe Acrobat#Security}}


Vulnerabilities are quite common in Adobe Reader long history with Adobe Systems providing appropriate solutions.<ref>{{cite web|url=https://www.adobe.com/support/security/#readerwin |title=Security bulletins and advisories |publisher=Adobe |date= |accessdate=2010-02-21}}</ref>
Vulnerabilities are quite common in Adobe Reader long history with Adobe Systems providing appropriate solutions.<ref>{{cite web|url=https://www.adobe.com/support/security/#readerwin |title=Security bulletins and advisories |publisher=Adobe |date= |accessdate=2010-02-21}}</ref>



=== Usage restrictions and monitoring ===

PDFs may be [[encrypted]] so that a password is needed to view or edit the contents. The PDF Reference defines both 40-bit and 128-bit encryption, both making use of a complex system of [[RC4]] and [[MD5]]. The PDF Reference also defines ways that third parties can define their own encryption systems for PDF.

PDF files may also contain embedded [[digital rights management|DRM]] restrictions that provide further controls that limit copying, editing or printing. The restrictions on copying, editing, or printing depend on the reader software to obey them, so the security they provide is limited.




== Solutions ==
== Solutions ==


Over time, [[Adobe Systems]] has provided solutions to deal with new vulnerabilities as soon as they were discovered in various versions of Adobe Reader.
Over time, [[Adobe Systems]] has provided solutions to deal with new vulnerabilities as soon as they were discovered in various versions of Adobe Reader.<ref>{{cite web|url=http://www.adobe.com/content/dam/Adobe/en/products/acrobat/axi/pdfs/reader-acrobat-xi-security.pdf |title=PDF security reaches new levels with Adobe Reader XI and Adobe Acrobat XI |publisher=[[Adobe Systems]] |date= |accessdate=2010-02-21}}</ref> For example, the company publishes security bulletins in their ''Security bulletins and advisories'' page.
=== PDF and DRM ===
PDF documents are subject to the application of digital rights management (DRM) technology. Its purpose is to prevent the unauthorized use and control access to corporate documents.[45]

=== Watermarking and others ===
Adobe Systems recommends that any PDF application concerned with security, implements a combination of application sandboxing, data execution protection including non-executable memory, address space layout randomization, and stack cookies as defense mechanism.<ref>{{citation |url=http://www.locklizard.com/pdf_watermarking/ |title=PDF Watermarking Securiy: Add PDF Watermark with PDF Document Watermarking Creator Software |publisher=Locklizard |quote= |accessdate=2012-09-26}}</ref>






==See also==
==See also==
* [[Computer security]]
* [[Computer security]]
* [[Hacking: The Art of Exploitation]] (second edition)


==References==
==References==
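
Review bot: The sentence added under "=== Watermarking and others ===" lists exploit mitigations (application sandboxing, non-executable memory, address space layout randomization, stack cookies), but the heading is about watermarking and the attached reference is a Locklizard watermarking page, so neither supports the recommendation attributed to Adobe Systems. Move the sentence under "Solutions" or retitle the section, and cite a source that actually covers those mitigations; it is worth checking whether the Adobe Reader XI security paper already cited under "Solutions" does. Separately, the "[45]" at the end of the "PDF and DRM" paragraph is a literal bracketed number rather than a <ref> tag, so it resolves to nothing in this draft's reference list and needs a real citation. The new 2000 bullet in "History" is also split across two lines, which leaves "attack technique." outside the list item.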

Revision as of 06:59, 19 November 2016


Portable Document Format security is concerned with the protection of information and property from theft, corruption, and attack. Its main purpose is to make sure information is productive and accessible to its intended users.


History

From its early stages of development in the 1990s, PDF started including security features. Over the years, several threats have been clearly identified, including the following:

  • In 2003, the W32 Yourde virus that exploited a vulnerability in Acrobat 5.0.5 was discovered. A corrupted PDF document exploited a vulnerability in the JavaScript parsing engine to lead Acrobat into using plug-ins folders.
  • In 2000, a conceptual weakness was identified with the ability of Adobe Reader to run malicious scripts related to a particular link. This attack used the XSS (Cross Site Scripting) attack technique.

Risks and vulnerabilities

Adobe Reader and Acrobat products are built on a large and complex code base that includes several proprietary extensions. This apparent flexibility translates into a broad attack surface that is difficult for Adobe and anti-malware vendors to defend. For example, most PDF-related tools allow their users to copy or print without paying attention to password or protection.[1][2][3]


Return-oriented programming (ROP) and stolen digital certificates have played significant roles in recent exploits.

Exploits

Vulnerabilities have been quite common throughout Adobe Reader's long history, with Adobe Systems providing appropriate solutions.[4]


Usage restrictions and monitoring

PDFs may be encrypted so that a password is needed to view or edit the contents. The PDF Reference defines both 40-bit and 128-bit encryption, both making use of a complex system of RC4 and MD5. The PDF Reference also defines ways that third parties can define their own encryption systems for PDF.

PDF files may also contain embedded DRM restrictions that provide further controls that limit copying, editing or printing. The restrictions on copying, editing, or printing depend on the reader software to obey them, so the security they provide is limited.
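
The point above can be seen in the encryption dictionary itself. The following is an added example, not part of the draft: a small audit helper that reads the /V, /Length and /P entries of a standard security handler dictionary, reports the RC4 key length, and decodes which operations the /P flags ask a reader to refuse. The function names and the two sample dictionaries are constructed for illustration; the bit positions follow the PDF Reference, and only /V 1 and /V 2 (the 40-bit and 128-bit RC4 schemes mentioned above) are handled.

```python
import re

# Permission bits of the /P entry (bit 1 is the lowest-order bit).
PERMISSION_BITS = {
    3: "print",
    4: "modify",
    5: "copy",
    6: "annotate",
    9: "fill_forms",
    10: "extract_accessibility",
    11: "assemble",
    12: "print_high_quality",
}

def parse_encrypt_dict(text):
    """Extract /Filter and the integer entries from an /Encrypt dictionary."""
    ints = {k: int(v) for k, v in re.findall(r"/(V|R|P|Length)\s+(-?\d+)", text)}
    m = re.search(r"/Filter\s*/(\w+)", text)
    return {"Filter": m.group(1) if m else None, **ints}

def audit(text):
    """Report key length and the operations the /P flags mark as denied."""
    d = parse_encrypt_dict(text)
    v = d.get("V", 0)
    if v == 1:
        key_bits = 40                      # /V 1 is always 40-bit RC4
    elif v == 2:
        key_bits = d.get("Length", 40)     # /Length defaults to 40 when absent
    else:
        key_bits = None                    # other algorithms are out of scope here
    p = d.get("P", 0) & 0xFFFFFFFF         # /P is stored as a signed 32-bit integer
    denied = sorted(name for bit, name in PERMISSION_BITS.items()
                    if not p & (1 << (bit - 1)))
    findings = []
    if key_bits is not None:
        findings.append(f"RC4 with {key_bits}-bit key")
    if denied:
        # These are flags a reader is asked to honour, not enforced controls.
        findings.append("advisory restrictions: " + ", ".join(denied))
    return {"key_bits": key_bits, "denied": denied, "findings": findings}

# Constructed sample dictionaries (not taken from any real document).
SAMPLE_40BIT = "<< /Filter /Standard /V 1 /R 2 /P -64 >>"
SAMPLE_128BIT = "<< /Filter /Standard /V 2 /R 3 /Length 128 /P -3904 >>"

if __name__ == "__main__":
    for sample in (SAMPLE_40BIT, SAMPLE_128BIT):
        print(audit(sample)["findings"])
```
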


Solutions

Over time, Adobe Systems has provided solutions to deal with new vulnerabilities as soon as they were discovered in various versions of Adobe Reader.[5] For example, the company publishes security bulletins on its Security bulletins and advisories page.

PDF and DRM

PDF documents are subject to the application of digital rights management (DRM) technology. Its purpose is to prevent unauthorized use of, and control access to, corporate documents.[45]

Watermarking and others

Adobe Systems recommends that any PDF application concerned with security implement a combination of application sandboxing, data execution protection including non-executable memory, address space layout randomization, and stack cookies as defense mechanisms.[6]



See also

References

  1. ^ Bryan Guignard. "How secure is PDF" (PDF).
  2. ^ "PDF Security Overview: Strengths and Weaknesses" (PDF).
  3. ^ Jeremy Kirk. "Adobe admits new PDF password protection is weaker".
  4. ^ "Security bulletins and advisories". Adobe. Retrieved 2010-02-21.
  5. ^ "PDF security reaches new levels with Adobe Reader XI and Adobe Acrobat XI" (PDF). Adobe Systems. Retrieved 2010-02-21.
  6. ^ PDF Watermarking Security: Add PDF Watermark with PDF Document Watermarking Creator Software, Locklizard, retrieved 2012-09-26

Further readings

External links

How secure is PDF?
