Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:ADOBE:PDF-EVASIVE-FF

Severity

 Minor

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Adobe Reader PDF Evasive File Format

Release Date

 2012/05/31

Update Number

 2145

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Adobe Reader PDF Evasive File Format


This signature detects attempts to bypass security devices using the obfuscated value of names and strings in a PDF document. Attackers can bypass security devices by using this method.

References

  • URL: http://www.adobe.com/devnet/pdf/pdf_reference.html
  • URL: http://blog.9bplus.com/av-bypass-for-malicious-pdfs-using-xdp
  • URL: http://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html
  • URL: http://www.adobe.com/support/security/advisories/apsa10-02.html
  • URL: http://www.adobe.com/support/security/bulletins/apsb13-15.html
  • URL: http://www.fireeye.com/blog/technical/cyber-exploits/2013/11/ms-windows-local-privilege-escalation-zero-day-in-the-wild.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out