5 matches found
CVE-2025-14401
CVE-2025-14401 affects PDFsam Enhanced App. The issue is an out-of-bounds read in the handling of App objects caused by insufficient validation of user-supplied data, which can permit executing code in the current process. Exploitation requires user interaction (the target must visit a malicious ...
CVE-2025-14402
CVE-2025-14402 affects PDFsam Enhanced. The issue is in DOC file processing, where dangerous scripts can execute without user warning, enabling remote code execution in the current user context. User interaction is required (e.g., visiting a malicious page or opening a malicious file). Root cause...
CVE-2025-14404
CVE-2025-14404 affects PDFsam Enhanced, where the flaw lies in the processing of XLS files. The root cause is the execution of dangerous scripts without a user warning, allowing a remote attacker to run arbitrary code in the context of the current user. Exploitation requires user interaction (the...
CVE-2025-14403
PDFsam Enhanced Launch Insufficient UI Warning Remote Code Execution (CVE-2025-14403) affects PDFsam Enhanced. The vulnerability exists in the Launch action, permitting arbitrary code execution via dangerous scripts executed without proper user warnings; exploitation requires the target to visit ...
CVE-2025-14405
CVE-2025-14405 affects PDFsam Enhanced. The root cause is loading an OpenSSL configuration file from an unsecured location, enabling a locally exploited privilege escalation to SYSTEM after a physically-present attacker mounts a malicious drive. The vulnerability is described across multiple sour...