Headline
CVE-2022-42423: Tracker Software Products :: PDF-XChange Editor Version History
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18716.
Products
- End-User Products
- PDF-XChange Editor
- PDF-XChange Editor Plus
- PDF-XChange Lite Printer Free
- PDF-XChange Standard Printer
- PDF-Tools
- PDF-XChange PRO
- Software Developer Tools
- PDF-XChange Editor SDK
- PDF-XChange Editor Simple SDK
- PDF-XChange Core API SDK
- PDF-XChange Viewer ActiveX SDK
- PDF-XChange Drivers API
- PDF-XChange PRO SDK
Downloads
Support
- Technical Support
- Online Help Site
- End-User Forums
- Developer Forums
- Knowledge Base/FAQs
- Support Approach
Company
- Company Info
- Contact Us
- About Us
- Payment Options Explained
- News, Press & Events
- Charity & Academic Offers
- Employment Opportunities
- Resellers
- Testimonials
- Our Clients
View cart
Need more information? Get in touch.
You can contact us by phone, email or our social media accounts — we are here to assist you.
Related news
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.