Signature Detail

Short Name	HTTP:STC:ADOBE:PDF-EVASIVE-FF
Severity	Medium
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Adobe Reader PDF Evasive File Format
Release Date	2012/05/31
Update Number	2145
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Adobe Reader PDF Evasive File Format

This signature detects attempts to bypass security devices using the obfuscated value of names and strings in a PDF document. Attackers can bypass security devices by using this method.

References

URL: http://www.adobe.com/devnet/pdf/pdf_reference.html
URL: http://blog.9bplus.com/av-bypass-for-malicious-pdfs-using-xdp

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Adobe Reader PDF Evasive File Format

References