Evaluation Summary
Important: You need to trust the certificate which is used to validate the signature; otherwise, the signature validation in the application will be shown as self-signed.
Legend:
: Application is vulnerable to the attack- (conditional): The vulnerability is limited, i.e., the same warning is raised in case of an allowed modification (e.g., commenting) as well as in case of unallowed modifications (attacks)
: Application is not vulnerable to any shadow attack variant
Windows
| Application | Version | Shadow Hide | Shadow Replace | Shadow Hide-and-Replace |
|---|---|---|---|---|
| Adobe Acrobat Reader DC | 2019.021.20061 | |
|
|
| Adobe Acrobat Pro 2017 | 2017.011.30156 | |
|
|
| Expert PDF 14 | 14.0.25.3456 64-bit | (conditional) |
(conditional) |
(conditional) |
| Foxit Reader | 9.7.0.29455 | |
|
|
| Foxit PhantomPDF | 9.7.0.29478 | |
|
|
| LibreOffice Draw | 6.4.2.2 | |
(conditional) |
|
| Master PDF Editor | 5.4.38, 64 bit | |
|
(conditional) |
| Nitro Pro | 12.16.3.574 | (conditional) |
(conditional) |
(conditional) |
| Nitro Reader | 5.5.9.2 | (conditional) |
(conditional) |
(conditional) |
| PDF Architect | 7 7.0.26.3193 64-bit | (conditional) |
(conditional) |
(conditional) |
| PDF Editor 6 Pro | 6.5.0.3929 | |
|
|
| PDFelement | 7.4.0.4670 | |
|
|
| PDF-XChange Editor | 8.0 (Build 331.0) | (conditional) |
(conditional) |
(conditional) |
| Perfect PDF Reader | V14.0.9 (29.0) | (conditional) |
(conditional) |
(conditional) |
| Perfect PDF 8 Reader | 8.0.3.5 | |
|
|
| Perfect PDF 10 Premium | 10.0.0.1 | |
|
|
| Power PDF Standard | 3.0 (Patch-19154.100) | |
|
|
| Soda PDF Desktop | 11.1.09.4184 64-bit | |
(conditional) |
(conditional) |
macOS
| Application | Version | Shadow Hide | Shadow Replace | Shadow Hide-and-Replace |
|---|---|---|---|---|
| Adobe Acrobat Reader DC | 2019.021.20061 | |
|
|
| Adobe Acrobat Pro 2017 | 2017.011.30156 | |
|
|
| Foxit Reader | 3.4.0.1012 | |
|
|
| Foxit PhantomPDF | 3.4.0.1012 | |
|
|
| LibreOffice Draw | 6.4.2.2 | |
(conditional) |
(conditional) |
| Master PDF Editor | 5.4.38, 64 bit | |
|
|
| PDF Editor 6 Pro | 6.8.1.3450 | |
|
|
| PDFelement | 7.5.7.2895 | |
|
|
Linux
| Application | Version | Shadow Hide | Shadow Replace | Shadow Hide-and-Replace |
|---|---|---|---|---|
| Master PDF Editor | 5.4.38, 64 bit | |
|
|
| LibreOffice Draw | 6.4.2.2 | |
(conditional) |
(conditional) |
Status fixes (22.10.2020)
All bugs have been reported by the CERT-Bund.
Fixes announced by the vendors
- Adobe DC (Mac + Win): 2020.006.20042
- Adobe 2017 (Mac + Win): 2017.011.30166
- Adobe 2015 (Mac + Win): 2015.006.30518
- LibreOffice v6.4.7 and 7.0.2
- Foxit PDF und Foxit PhantomPDF (Win) 9.7.2+
- Foxit PDF und Foxit PhantomPDF (Mac) 4.0+
- SodaPDF v12+
- Kofax (PowerPDF)
- Master PDF Editor (Win): 5.7.08
Confirmed message receipt (no feedback regarding patch):
- Master PDF Editor
- Nitro
- PDF-XChange
- pdfforge GmbH PDF Architect
No feedback despite multiple contact attempts:
- eXpert / ExpertReader
- PDF Editor
- PDFelement
- Perfect