Abstract: The purpose of this document is to provide guidance for the development of a sanitization and analysis software tool for the Portable Document Format (PDF). It provides inspection and analysis on various elements and objects that are contained within the PDF file structure and how they can be a cause for concern for either hiding sensitive data or attempts to exploit a system. This document provides an analysis of numerous features in PDF and also provides recommendations to mitigate these threats to provide a safer file. Although this report does not mention vulnerabilities related to a specific PDF reader software application, however there were a number of them used in the analysis of the standard.
Date Published: 02 May 2011
Last Reviewed: 11 December 2017
Dissemination Control: N/A
Length: 241 page(s)