Can a PDF file contain a virus?

  • Could a PDF file contain any type of malware?

  • wtsec

    wtsec Correct answer

    6 years ago

    There are many features in the PDF that can be used in malicious ways without exploiting a vulnerability. One example is given by Didier Stevens here. Basically he embeds an executable and has it launch when opening the file. I am not sure how today's versions of readers handle this but its a good method of using PDF features in malicious ways.

    Would such a PDF be dangerous only on OS'es like Windows? Would the permission system of Mac/Linux be able to prevent such PDF's from running executables automatically?

    @Nav executing code has little to do with the OS, and everything to do with the reader. Executing code is allowed to execute other code. Basically you have to trust the reader to not do something stupid like allowing a PDF to execute an application.

    @Nav It's entirely feasible that a SELinux policy would block a pdf reader from executing _any_ programs.

License under CC-BY-SA with attribution


Content dated before 6/26/2020 9:53 AM