Primary

Context

PDF Complete Corporate Edition Unquoted Service Path Vulnerability in pdfcDispatcher Service Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in PDF Complete Corporate Edition version 4.1.45 due to an unquoted service path in the pdfcDispatcher service. This flaw allows local attackers to execute arbitrary code by injecting malicious executables into the service's binary location. The injected code would be executed with elevated LocalSystem privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code with LocalSystem privileges.

Reproduction

The vulnerability can be reproduced by exploiting the unquoted service path of the pdfcDispatcher service. This can be done by injecting a malicious executable into the service's binary location. The executable will be executed with LocalSystem privileges, allowing for elevated access on the system.

Added: Jan 23, 2026, 5:35 PM

Updated: Jan 23, 2026, 10:38 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PDF Complete Corporate Edition Unquoted Service Path Vulnerability in pdfcDispatcher Service Allowing Arbitrary Code Execution

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating