Dig Into the Attack Surface of PDF and Gain 100+ CVEs in 1 Year

Presented at Black Hat Asia 2017, March 30, 2017, 5 p.m. (30 minutes)

Portable Document Format (a.k.a. PDF) is one of the most widely used file formats in the world; this complex file format also exposes a large potential attack surface which is important for us to understand. During the last year, by digging into the attack surface of PDF deeply and fuzzing the popular PDF readers efficiently, I discovered nearly 150 vulnerabilities independently in the world's most popular PDF readers including Adobe Reader, Foxit Reader, Google Chrome, Windows PDF Library, OS X Preview, and Adobe Digital Editions. More than 100 of the vulnerabilities have been fixed by vendors and assigned with CVEs.

In this presentation, I will talk about the attack surface of PDF and the methods for finding and testing it. Then, I will talk about how to find enough test cases for each attack surface, and how to fuzz the PDF readers more efficiently. Finally, I will show you the statistical results of each attack surface based on the vulnerabilities I found.

Presenters:

  • Ke Liu - Security Researcher, Tencent Xuanwu Lab
    Ke Liu is a security researcher at Tencent's Xuanwu Lab. He currently focuses on security research into the PDF file format. During the last year, he independently found nearly 150 vulnerabilities in the world's most popular PDF readers, including Adobe Reader, Foxit Reader, Google Chrome, Windows PDF Library, and OS X Preview. More than 100 of the vulnerabilities have been fixed by vendors and assigned CVE numbers.
