What are the security risks associated with PDF files?
There is, of course, the general risk associated with any type of file: that whatever application is used to read it will have a bug that can be exploited by certain byte sequences within the file, thus crashing the system, or worse, executing arbitrary code.
That’s a pretty standard security issue. Anything extra on that general risk specific to PDF files?
Beyond the above general risk, what other risks are associated with PDF files?
Since PDF files can contain javascript (JS), what risks does that pose? Or is it well locked down for all major PDF viewers/editors (Adobe Reader, PDF-XChange, Sumatra, Foxit, Nitro, as well as the internal viewers in Firefox and Chrome)?
Are there other risks as well?
Do some PDF files have “call home” routines that can send a ping (or other data) to a server when they are opened or edited?
What about edit-protected PDF files or password-protected PDF files? Anything special there?
I’m most interested in answers that are relevant to Windows and Android, but am also interested in those relevant to linux, unix, OS X, and iOS, as well as OS-agnostic answers.