Evaluation Summary

Important: You need to trust the certificate which is used to validate the signature; otherwise, the signature validation in the application will be shown as self-signed.

Legend:

• : Application is vulnerable to the attack
• (conditional): The vulnerability is limited, i.e., the same warning is raised in case of an allowed modification (e.g., commenting) as well as in case of unallowed modifications (attacks)
• : Application is not vulnerable to any shadow attack variant

Attack Category

DoS

Information Disclosure

Data Manipulation

RCE

OS

Application

Version

Infinite loop

Deflate bomb

URL invocation

Form data leakage

Local file leakage

Credential theft

Form modifications

File write access

Content masking

Code execution

Windows

Acrobat Reader

2019.012.20035

Foxit Reader

9.7.1

PDF-XChange Viewer

2.5.322.9

Perfect PDF Reader

8.0.3.5

PDF Studio Viewer

2018.4.3

(conditional)

Nitro Reader

5.5.9.2

Acrobat Pro

2019.012.20035

Foxit PhantomPDF

9.7.1

PDF-XChange Editor

7.0.326.1

Perfect PDF Premium

10.0.0.1

PDF Studio Pro

2018.4.3

(conditional)

Nitro Pro

13.24.1.467

Nuance Power PDF

3.0.0.17

iSkysoft PDF Editor

6.5.0.3929

Master PDF Editor

5.1.36

Soda PDF Desktop

11.0.16.2797

PDF Architect

7.0.30.3196

PDFelement

6.8.0.3523

(conditional)

Mac

Preview

10.0.944.4

Skim

1.4.41

Linux

Evince

3.34.1

(conditional)

Okular

1.3.2

(conditional)

MuPDF

1.16.0

(conditional)

Web

Chrome

70.0.3538.77

(conditional)

Firefox

72.0.2

(conditional)

Safari

13.1.2

Opera

57.0.3098.106

(conditional)

(conditional)

Edge

44.18362.1.0