Comment on Doom is playable on PDFs (at least in Chromium-based browsers)
viking@infosec.pub 5 weeks agoYeah it does. Adobe has a lot of active script support, including java script for example, which can be exploited. If a software can’t interpret those scripts at all and simply displays plain text, that means malware won’t be executed.
And since Adobe Acrobat / Acrobat Reader are the most common pdf viewers out there, they are a natural target for hackers as well.
iAmTheTot@sh.itjust.works 5 weeks ago
Is Acrobat the only pdf reader with active script support? For example, do the common browsers which can also open pdfs not support the same things?
viking@infosec.pub 5 weeks ago
I genuinely don’t know, I have set my browser to download pdfs by default and only open them with Sumatra. There might be a scripting layer active in the browser as well though, quite possible.
iAmTheTot@sh.itjust.works 5 weeks ago
Then would you agree that it doesn’t have to do with Adobe Acrobat, as much at it does active script in PDFs and if the reader executes it?