Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pdf\-Xchange_viewer
(Tracker\-Software)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-07 | CVE-2018-18689 | The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro... | Expert_pdf_ultimate, Pdf_experte_ultimate, Foxit_reader, Nitro_pro, Nitro_reader, Pdf_editor_6, Pdfelement6, Pdf_architect, Pdf_studio, Pdf_studio_viewer_2018, Soda_pdf, Soda_pdf_desktop, Perfect_pdf_10, Perfect_pdf_reader, Pdf\-Xchange_editor, Pdf\-Xchange_viewer, Expert_pdf_reader | 5.3 | ||
| 2018-01-31 | CVE-2018-6462 | Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | Pdf\-Xchange_viewer, Viewer_ax_sdk | 7.8 | ||
| 2017-12-27 | CVE-2017-13056 | The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | Pdf\-Xchange_viewer | 7.8 | ||
| 2014-04-02 | CVE-2013-0729 | Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file. | Pdf\-Xchange_viewer | N/A | ||
| 2012-09-07 | CVE-2010-5245 | Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. | Pdf\-Xchange_viewer | N/A |