Home » General News, PDF Reader

PDF Bomb

27 May 2008 | | No Comment

IT security professional Didier Stevens has highlighted a potential exploit in PDF Stream Objects which could be used to cause a PDF file to balloon in size, prompting Computerworld to label it the ‘PDF equivalent of the Zip bomb, or a PDF Bomb’.

Using filter parameters and filter cascading Stevens was able to create document that was only 2642 bytes in size, but when opened, decompressed to 1GB of data. This, as you can probably imagine, would cause some PDF readers to freeze up.

I recommend reading some of Didier Stevens other posts on security issues in PDFs as well.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Leave your response!

You must be logged in to post a comment.