Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pdf\-Xchange_editor
(Pdf\-Xchange)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 275 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-03 | CVE-2023-39504 | PDF-XChange Editor OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OXPS files. The issue results from the lack of proper validation of user-supplied data, which... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-05-03 | CVE-2023-39505 | PDF-XChange Editor Net.HTTP.requests Exposed Dangerous Function Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Net.HTTP.requests method. The issue results from the exposure of a dangerous function. An attacker... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-05-03 | CVE-2023-39506 | PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the createDataObject method. The issue results from the lack of proper validation of a user-supplied path prior to using... | Pdf\-Tools, Pdf\-Xchange_editor | 7.8 | ||
| 2024-05-03 | CVE-2023-40468 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in an EMF file can trigger a read past the end of an allocated buffer. An... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-05-03 | CVE-2023-40470 | PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-05-03 | CVE-2023-40469 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPS files. The issue results from the lack of proper validation of user-supplied data, which can... | Pdf\-Tools, Pdf\-Xchange_editor | 5.5 | ||
| 2024-05-03 | CVE-2023-40471 | PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of App objects. The issue results from the lack of proper validation of a user-supplied value prior to... | Pdf\-Tools, Pdf\-Xchange_editor | 7.8 | ||
| 2024-05-03 | CVE-2023-40472 | PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of strings. The issue results from the lack of proper validation of a user-supplied value prior... | Pdf\-Tools, Pdf\-Xchange_editor | 7.8 | ||
| 2024-05-03 | CVE-2023-42040 | PDF-XChange Editor mailForm Use-After-Free Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the mailForm method. The issue results from the lack of validating the existence of an object prior to performing operations on the object.... | Pdf\-Tools, Pdf\-Xchange_editor | 7.8 | ||
| 2024-05-03 | CVE-2023-42041 | PDF-XChange Editor Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing... | Pdf\-Tools, Pdf\-Xchange_editor | 7.8 |