As part of our current research, we analyzed signature validation processing on PDF files. In the following report, we present three novel attack classes: Universal Signature Forgery (USF), Incremental Saving Attack (ISA), and Signature Wrapping Attack (SWA) which we describe in chapter 3. Each attack allows an attacker to stealthily manipulate the content of a signed PDF without invalidating the signature, thereby breaking the document integrity protection.

https://www.nds.ruhr-uni-bochum.de/media/ei/veroeffentlichungen/2019/02/12/report.pdf