cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Adobe Redaction Issue

cmcarlson
New Here ,
Nov 13, 2019 Nov 13, 2019

Copy link to clipboard

Copied

Hello,

 

Does anyone know if Adobe has patched the known issue with the redaction function not successfully sanitizing CMap objects when the source document is originated from CutePDF or LibreOffice Writer documents? This article from April 2019 described the security vulnerability: https://www.cyber.gov.au/publications/redaction-functionality-in-adobe-acrobat-pro

 

Below is the vulnerability they described in the article above:

 

Remnants of redacted information were recovered from PDF documents created with CutePDF and LibreOffice Writer.

 

The remnants of redacted information were located within objects containing embedded font maps (CMap objects) [7]. The ability to recover these data remnants was the result of differences in the mechanisms used by CutePDF and LibreOffice Writer to embed font maps, and the Adobe Acrobat redaction functionality’s inability to identify and remove them. The Adobe Acrobat sanitisation functionality also failed to remove these data remnants.

 

Thanks, Chris

TOPICS
Edit and convert PDFs

Views

639

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
gkaiseril
LEGEND ,
Nov 13, 2019 Nov 13, 2019

Copy link to clipboard

Copied

Carefully read the attached document. There is no problem with using  the redaction feature of Acrobat on PDFs created with Acrobat or MS Word. The problem is when the document is created by Libre Office or Cute PDF. The and e was no issue found when using the Acrobat product and MS Word  when the Acrobat plug-in was installed. The issue clearly lies in the rendering engines of Libre Office and Cute PDF. There is no mention of testing of other PDF creation products like OpenOffice.org, Qucik PDF, or Foxit PDF. It is possible that Adobe has it right and the other products are not following or misinterpreting the PDF standard. This research also shows how complex redaction can be. This type of analysis is far beyond most users and requires a deep understanding of the PDF rendering process and how selecting one method over another can result in very different results. 

 

I think it would be best to go back to the source document and redact the information from that document and then create the PDF. One should of crouse make sure there is no change tracking being used in source document.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
cmcarlson
New Here ,
Nov 13, 2019 Nov 13, 2019

Copy link to clipboard

Copied

LATEST
In Response To gkaiseril

Agreed - there is no problem when the source documents were created in Acrobat or MS Word. The ACSC documents that the issue is when source documents are from LibreOffice or CutePDF. If you further read the document they isolated/pinpointed it specifically to the sanitization of CMap objects. The article lists the specific areas caused and it would be great if Adobe could weigh in on this. It is simple to say use Word or Adobe Acrobat to generate source documents, but for larger organizations handling PDFs generated outside of Word or Adobe Acrobat (think cloud computing, downloading a bank statement as PDF from the web, etc) these are real life situations where the source document is outside of word or Adobe. Proposing to go back to source documents (PDFs that are already flattened) to redact is not an option. Temporary workaround is to check the document properties for the source.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
About Adobe Acrobat
Adobe Acrobat Learn & Support
Adobe Inc
Whats new in Acrobat DC
Adobe Inc
Plan and Pricing
Adobe Inc
Adobe Acrobat features and tools
Adobe Inc
Adobe Acrobat Feature & Workflow
Edit PDFs
Edit Scanned PDFs
PDF Forms
Sign a PDF
FAQs
How to Edit Scanned or Secured document
Rotate | move | delete and renumber PDF pages
Acrobat download and installation help
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices