PDF-XChange Editor NULL Pointer Dereference Vulnerability in readFileIntoStream Component Allowing Denial-of-Service

Vulnerability

A NULL pointer dereference vulnerability has been identified in PDF-XChange Editor version 10.7.3.401. The vulnerability is in the util.readFileIntoStream component, where improper handling of crafted input leads to an access violation. When the readFileIntoStream method is called with maliciously crafted data, the application fails to properly initialize a file stream object, leaving it in a zeroed state. The object is then used without having been initialized, which causes a NULL pointer dereference and crashes the application, resulting in a denial-of-service condition.

Impact

Exploitation of this vulnerability causes an access violation, leading to a crash of the PDF-XChange Editor application.

Reproduction

The vulnerability can be reproduced by invoking the util.readFileIntoStream method with an empty array and a maximum file size parameter. The method then fails to create a proper file stream object, and the object is used while still uninitialized, triggering the NULL pointer dereference.
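The bug class described above, shown as an added C model with the flawed caller beside a hardened one. This is not PDF-XChange Editor code: every type and function name here (file_stream, stream_open, read_unchecked, read_checked) is hypothetical, and the "size" operation is a stand-in for real stream I/O.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical model of a stream object; not PDF-XChange Editor code. */
struct stream_ops { long (*size)(const void *ctx); };
struct file_stream { const struct stream_ops *ops; const void *ctx; };

static long path_len(const void *ctx) { return (long)strlen((const char *)ctx); }
static const struct stream_ops path_ops = { path_len };  /* stand-in for file I/O */

/* Fails on an empty path list or zero size limit; *fs stays zeroed on failure. */
static int stream_open(struct file_stream *fs, const char *const *paths,
                       size_t count, size_t max_size)
{
    memset(fs, 0, sizeof *fs);
    if (paths == NULL || count == 0 || max_size == 0)
        return -1;
    fs->ops = &path_ops;
    fs->ctx = paths[0];
    return 0;
}

/* Flawed caller: ignores the return value, so an empty list leaves fs.ops NULL
   and the call through it faults (the access violation the advisory reports). */
long read_unchecked(const char *const *paths, size_t count, size_t max_size)
{
    struct file_stream fs;
    stream_open(&fs, paths, count, max_size);
    return fs.ops->size(fs.ctx);
}

/* Hardened caller: rejects a failed initialization, re-validates the object
   before use, and returns an error instead of crashing. */
long read_checked(const char *const *paths, size_t count, size_t max_size)
{
    struct file_stream fs;
    if (stream_open(&fs, paths, count, max_size) != 0)
        return -1;
    if (fs.ops == NULL || fs.ops->size == NULL)
        return -1;
    long n = fs.ops->size(fs.ctx);
    return (n < 0 || (size_t)n > max_size) ? -1 : n;
}

int main(void)
{
    const char *const sample[] = { "report.pdf" };  /* constructed input */
    return (read_checked(sample, 1, 4096) == 10 && read_checked(NULL, 0, 4096) == -1) ? 0 : 1;
}
```

The two checks in read_checked are independent on purpose: the return-value test catches the failed initialization, and the pointer test keeps a zeroed object from being used if a later code path skips the first check.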

Remediation

Users are advised to update to PDF-XChange Editor version 10.7.5.403, which addresses this vulnerability.

Added: Dec 9, 2025, 10:28 PM
Updated: Dec 9, 2025, 10:28 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 2.5
exploitability: 5.8
remediation: 7.7
relevance: 1.3
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.