Technical report | Threat Modelling Adobe PDF
PDF documents are increasingly being used as an attack vector to compromise and execute malicious code on victim machines. Such attacks threaten the assets of any organisation which they can exploit. PDF documents appeal to attackers due to their wide spread use and because users consider them to be safe. In this paper we analyse the threats posed by PDF documents. We outline current exploits, security defences employed by the Acrobat PDF reader; obfuscation techniques used by attackers to avoid detection; and threats to Adobe Acrobat. We also describe a tool we developed to assist in the identification of potentially malicious code in PDF documents.