Pdf-Xchange Editor vulnerabilities

CVE-2023-24308 [HIGH] CWE-755 CVE-2023-24308: A potential memory vulnerability due to insufficient input validation in PDFXEditCore.x64.dll in PDF A potential memory vulnerability due to insufficient input validation in PDFXEditCore.x64.dll in PDF-XChange Editor version 9.3 by Tracker Software may allow attackers to execute code when a user opens a crafted PDF file. The issue occurs when handling a large number of objects in a PDF file.

CVE-2022-42423 [HIGH] CWE-787 CVE-2022-42423: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ

CVE-2022-42402 [HIGH] CWE-125 CVE-2022-42402: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in an embedded U3D object can tr

CVE-2022-42374 [HIGH] CWE-416 CVE-2022-42374: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating

CVE-2022-42382 [HIGH] CWE-787 CVE-2022-42382: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a writ

CVE-2022-42377 [HIGH] CWE-119 CVE-2022-42377: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper val

CVE-2022-42420 [HIGH] CWE-787 CVE-2022-42420: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ

CVE-2022-42378 [HIGH] CWE-787 CVE-2022-42378: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a writ

CVE-2022-42370 [HIGH] CWE-787 CVE-2022-42370: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a writ

CVE-2022-42405 [HIGH] CWE-122 CVE-2022-42405: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper val

CVE-2022-42395 [HIGH] CWE-787 CVE-2022-42395: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPS files. Crafted data in an XPS file can trigger a wri

CVE-2022-42371 [HIGH] CWE-787 CVE-2022-42371: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a writ

CVE-2022-41151 [HIGH] CWE-787 CVE-2022-41151: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a writ

CVE-2022-42373 [HIGH] CWE-787 CVE-2022-42373: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a writ

CVE-2022-42400 [HIGH] CWE-787 CVE-2022-42400: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a writ

CVE-2022-42418 [HIGH] CWE-822 CVE-2022-42418: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper val

CVE-2022-42399 [HIGH] CWE-125 CVE-2022-42399: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read

CVE-2022-42417 [HIGH] CWE-125 CVE-2022-42417: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a read

CVE-2022-41143 [HIGH] CWE-787 CVE-2022-41143: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a writ

CVE-2022-42419 [HIGH] CWE-787 CVE-2022-42419: This vulnerability allows remote attackers to execute arbitrary code on affected installations of PD This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. Crafted data in a TIF file can trigger a writ