Lucene search
K
Tracker-softwarePdf-xchange Viewer

5 matches found

CVE
CVE
added 2021/01/07 5:59 p.m.74 views

CVE-2018-18689

CVE-2018-18689 describes a Signature Wrapping issue in PDF signature validation caused by missing guidance in the PDF spec, allowing attackers to manipulate /ByteRange and xref without detection. The vulnerability affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4, as ...

5.3CVSS5.7AI score0.03688EPSS
CVE
CVE
added 2014/04/02 3:0 p.m.56 views

CVE-2013-0729

The CVE-2013-0729 entry corresponds to a heap-based buffer overflow in Tracker Software PDF-XChange Viewer prior to 2.5.208, exploitable via a crafted Define Huffman Table header in a JPEG image stream embedded in a PDF. The affected component is the JPEG processing/parsing within the PDF pipelin...

9.3CVSS8.2AI score0.06251EPSS
CVE
CVE
added 2017/12/27 5:0 p.m.45 views

CVE-2017-13056

The CVE-2017-13056 entry concerns PDF-XChange Viewer 2.5 (Build 314.0) and its launchURL function. Multiple connected sources (CNVD-2018-01636, NVD, CVE records, and PacketStorm) confirm a remote code execution vulnerability caused by a flaw in the app.launchURL path that accepts a crafted PDF fi...

7.8CVSS7.8AI score0.05637EPSS
CVE
CVE
added 2018/01/31 6:0 p.m.45 views

CVE-2018-6462

Tracker PDF-XChange Viewer and Viewer AX SDK prior to 2.5.322.8 are affected by a vulnerability in YCC to RGB color-space conversion that uses 1 bpc instead of 8 bpc, allowing remote code execution via a crafted PDF document. Affected products: Tracker PDF-XChange Viewer and Viewer AX SDK. Root c...

7.8CVSS7.8AI score0.02511EPSS
CVE
CVE
added 2012/09/07 10:0 a.m.36 views

CVE-2010-5245

CVE-2010-5245 describes an untrusted search path vulnerability (DLL hijacking) in PDF-XChange Viewer 2.0 Build 54.0. A local attacker can gain privileges by placing a malicious wintab32.dll in the current working directory, as demonstrated with a directory containing a .pdf file. The root cause i...

6.9CVSS6.7AI score0.00397EPSS