Sunday, 24 February 2019

How To Spoof PDF Signatures

One year ago, we received a contract as a PDF file. It was digitally signed. We looked at the document - ignoring the "certificate is not trusted" warning shown by the viewer - and asked ourselves:

"How do PDF signatures exactly work?"

We are quite familiar with the security of message formats like XML and JSON. But nobody had an idea how PDFs really work. So we started our research journey.

Today, we are happy to announce our results. In this blog post, we give an overview of how PDF signatures work and, on top, we reveal three novel attack classes for spoofing a digitally signed PDF document. We present our evaluation of 22 different PDF viewers and show 21 of them to be vulnerable. We additionally evaluated 8 online validation services and found 6 to be vulnerable.

In cooperation with the BSI-CERT, we contacted all vendors, provided proof-of-concept exploits, and helped them to fix the issues. Three generic CVEs, one per attack class, were issued: CVE-2018-16042, CVE-2018-18688, CVE-2018-18689.
