Tracker-Software Pdf-Xchange Viewer vulnerabilities
5 known vulnerabilities affecting tracker-software/pdf-xchange_viewer.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2017-13056P3HIGHCVSS 7.8PoCv2.52017-12-27
CVE-2017-13056 [HIGH] CWE-20 CVE-2017-13056: The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execu
The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file.
nvd
CVE-2013-0729P3CRITICALCVSS 9.3fixed in 2.5.208.02014-04-02
CVE-2013-0729 [CRITICAL] CWE-119 CVE-2013-0729: Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to
Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file.
nvd
CVE-2018-6462P3HIGHCVSS 7.8fixed in 2.5.322.82018-01-31
CVE-2018-6462 [HIGH] CWE-787 CVE-2018-6462: Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB c
Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document.
nvd
CVE-2018-18689P4MEDIUMCVSS 5.3v2.52021-01-07
CVE-2018-18689 [MEDIUM] CWE-347 CVE-2018-18689: The Portable Document Format (PDF) specification does not provide any information regarding the conc
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Fox
nvd
CVE-2010-5245P4MEDIUMCVSS 6.9v2.0.54.02012-09-07
CVE-2010-5245 [MEDIUM] CVE-2010-5245: Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain
Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information.
nvd