Pdf-Xchange Editor vulnerabilities

CVE-2022-37362 [HIGH] CWE-787 CVE-2022-37362: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG files. Crafted data in a PNG file can trigger a writ

CVE-2022-37356 [HIGH] CWE-787 CVE-2022-37356: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. Crafted data in a JPG file can trigger a writ

CVE-2022-37374 [HIGH] CWE-416 CVE-2022-37374: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG files. The issue results from the lack of validating

CVE-2022-37364 [HIGH] CWE-787 CVE-2022-37364: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in an EMF file can trigger a wri

CVE-2022-37371 [HIGH] CWE-787 CVE-2022-37371: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a writ

CVE-2022-37372 [HIGH] CWE-787 CVE-2022-37372: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a writ

CVE-2022-37369 [HIGH] CWE-787 CVE-2022-37369: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a writ

CVE-2022-37355 [HIGH] CWE-787 CVE-2022-37355: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. Crafted data in a JPG file can trigger a writ

CVE-2022-37367 [HIGH] CWE-125 CVE-2022-37367: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. Crafted data in an AcroForm can trigger a re

CVE-2022-37349 [HIGH] CWE-125 CVE-2022-37349: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the submitForm method. By performing actions in JavaScript, an attacker

CVE-2022-37366 [HIGH] CWE-125 CVE-2022-37366: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an at

CVE-2022-37353 [MEDIUM] CWE-125 CVE-2022-37353: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in an EMF file can tri

CVE-2022-37360 [MEDIUM] CWE-125 CVE-2022-37360: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in an EMF file can tri

CVE-2022-37351 [MEDIUM] CWE-125 CVE-2022-37351: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trig

CVE-2022-37352 [MEDIUM] CWE-125 CVE-2022-37352: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WMF files. Crafted data in a WMF file can trig

CVE-2022-37368 [MEDIUM] CWE-125 CVE-2022-37368: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScr

CVE-2022-37361 [MEDIUM] CWE-125 CVE-2022-37361: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. Crafted data in a JP2 file can trig

CVE-2022-37370 [MEDIUM] CWE-125 CVE-2022-37370: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trig

CVE-2022-37375 [MEDIUM] CWE-125 CVE-2022-37375: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPC files. Crafted data in a JPC file can trig

CVE-2022-37373 [MEDIUM] CWE-125 CVE-2022-37373: This vulnerability allows remote attackers to disclose sensitive information on affected installatio This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trig