We have been made aware that information has recently been published in social media about potential vulnerabilities in systems which use PDFreactor to convert data from untrusted sources. This could be used for Server Side Request Forgery, file system access and other similar attacks. A potential attacker could gain access to data on the server or internal networks. We would like to inform PDFreactor customers about this and highlight measures that can be taken to avoid this risk.
Does this affect me?
PDFreactor works under the assumption that all content and data (HTML, CSS, JavaScript etc.) it processes comes from trusted sources and does not contain malicious code or content. However, this may not always be the case depending on your integration. This means systems using PDFreactor to convert data or content from untrusted sources are potentially vulnerable.
You have to verify if PDFreactor — as you have integrated it — processes any data from untrusted sources where it is potentially vulnerable to the injection of malicious content in HTML, CSS, JavaScript etc. For this, you have to analyze and validate your entire processing chain for all data supplied to PDFreactor.
What can I do?
Should this be the case, implement appropriate measures immediately to protect your system against this sort of attack. Such measures can include the following:
- Stop processing any data from untrusted sources with PDFreactor
- Prevent injection of malicious code or content into HTML, CSS, JavaScript, e.g. by appropriately escaping or filtering data from untrusted sources
- Configure CustomUrlStreamHandlers (if you are using the PDFreactor Java Library) to filter URLs and block unwanted access to certain protocols or resources (see https://www.pdfreactor.com/product/doc/apidocs/index.html?com/realobjects/pdfreactor/Configuration.CustomUrlStreamHandler.html)
- Run the PDFreactor service under a user that has appropriately restricted privileges, e.g. without any access rights to confidential files
- Configure appropriate outbound firewall rules on the server to prevent access to internal network resources
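As an added illustration of the URL-filtering measure above (example code written for this advisory, not RealObjects' own code), the following java.net.URLStreamHandler rejects non-HTTP(S) schemes and hosts that resolve to loopback, link-local, site-local or wildcard addresses, which are the resources a Server Side Request Forgery attempt through untrusted HTML would typically reach. It assumes that the handler is registered for the http and https protocols through Configuration.CustomUrlStreamHandler as described in the linked API documentation, and that the JDK's default handlers remain available for the delegated connection.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
import java.util.Set;

/**
 * Refuses to open resources an SSRF attempt would typically target: any
 * scheme other than http/https (file:, jar:, ftp:, ...) and any host that
 * resolves to an internal address. Registration with PDFreactor via
 * Configuration.CustomUrlStreamHandler is assumed and not shown here.
 */
public class RestrictedUrlStreamHandler extends URLStreamHandler {

    private static final Set<String> ALLOWED_PROTOCOLS = Set.of("http", "https");

    /** Returns true if the URL may be fetched under this policy. */
    public static boolean isAllowed(URL url) {
        if (!ALLOWED_PROTOCOLS.contains(url.getProtocol().toLowerCase())) {
            return false;
        }
        String host = url.getHost();
        if (host == null || host.isEmpty()) {
            return false;
        }
        try {
            // Check every address the name resolves to; one internal
            // address is enough to reject the whole request.
            for (InetAddress addr : InetAddress.getAllByName(host)) {
                if (addr.isLoopbackAddress() || addr.isLinkLocalAddress()
                        || addr.isSiteLocalAddress() || addr.isAnyLocalAddress()) {
                    return false;
                }
            }
        } catch (IOException e) {
            return false; // unresolvable host: fail closed
        }
        return true;
    }

    @Override
    protected URLConnection openConnection(URL url) throws IOException {
        if (!isAllowed(url)) {
            throw new IOException("Blocked by policy: " + url);
        }
        // Delegate to the JDK default handler for the permitted scheme.
        return new URL(null, url.toExternalForm()).openConnection();
    }
}
```

Because the connection resolves the host name a second time, this check alone does not defend against DNS answers that change between the check and the fetch; the outbound firewall rules listed above remain the backstop for that case.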
If you have any questions, please contact us at support@realobjects.com or open a support ticket in our helpdesk at support.realobjects.com.