Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pdf\-Xchange_editor
(Pdf\-Xchange)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 283 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-11-22 | CVE-2024-8834 | PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-11-22 | CVE-2024-8835 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-11-22 | CVE-2024-8836 | PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of user-supplied data, which can... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-11-22 | CVE-2024-8837 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPS files. The issue results from the lack of proper validation of user-supplied data, which can result in... | Pdf\-Tools, Pdf\-Xchange_editor | 7.8 | ||
| 2018-09-01 | CVE-2018-16303 | PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564. | Pdf\-Xchange_editor | 7.5 | ||
| 2019-10-11 | CVE-2019-17497 | Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction. | Pdf\-Xchange_editor | 6.5 | ||
| 2021-01-07 | CVE-2018-18689 | The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro... | Expert_pdf_ultimate, Pdf_experte_ultimate, Foxit_reader, Nitro_pro, Nitro_reader, Pdf_editor_6, Pdfelement6, Pdf\-Xchange_editor, Pdf_architect, Pdf_studio, Pdf_studio_viewer_2018, Soda_pdf, Soda_pdf_desktop, Perfect_pdf_10, Perfect_pdf_reader, Pdf\-Xchange_viewer, Expert_pdf_reader | 5.3 | ||
| 2023-01-26 | CVE-2022-41143 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was... | Pdf\-Xchange_editor | 7.8 | ||
| 2023-01-26 | CVE-2022-41144 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was... | Pdf\-Xchange_editor | 7.8 | ||
| 2023-01-26 | CVE-2022-41145 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code... | Pdf\-Xchange_editor | 5.5 |