Qoppa Pdf Studio vulnerabilities

CVE-2018-18688 [MEDIUM] CWE-347 CVE-2018-18688: The Portable Document Format (PDF) specification does not provide any information regarding the conc The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user witho

CVE-2018-18689 [MEDIUM] CWE-347 CVE-2018-18689: The Portable Document Format (PDF) specification does not provide any information regarding the conc The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Fox