PDF-XChange Editor Out-of-Bounds Read Vulnerability Leading to Information Disclosure

Vulnerability

An out-of-bounds read vulnerability has been identified in the way PDF-XChange Editor parses PDF files. The flaw arises from inadequate validation of user-supplied data, which can cause a read operation to extend beyond the end of an allocated object. As a result, remote attackers could exploit this vulnerability to disclose sensitive information on affected systems. User interaction is required: the target must open a malicious PDF file or visit a malicious web page. Additionally, this vulnerability could potentially be combined with others to execute arbitrary code within the current process context.

Impact

Exploitation of this vulnerability could lead to unauthorized information disclosure. Furthermore, according to the Zero Day Initiative, this vulnerability could be leveraged, in conjunction with others, to execute arbitrary code in the context of the current process.

Remediation

Users are advised to update to PDF-XChange Editor version 10.4.2.390. For more information, consult the PDF-XChange security bulletins.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.