PDF-XChange Editor
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*
- 10.5.1.394
- 10.4.4.392
- 10.4.3.391
- 10.4.0.388
- 10.3.1.387
- 10.3.0.386
- 10.2.1.385
- 9.5.368.0
- 9.5.367.0
- 9.5.366.0
- 9.4.364.0
- 9.4.362.0
An out-of-bounds read vulnerability has been identified in PDF-XChange Editor versions 10.5.2.395 and prior, as well as in version 10.4.4.392. The issue arises from improper validation of user-supplied data when parsing PRC files, which can result in a read past the end of an allocated object. Exploitation requires user interaction: the target must open a malicious PRC file or visit a malicious webpage. The vulnerability could also be combined with others to execute arbitrary code in the context of the current process.
Exploitation of this vulnerability could result in unauthorized information disclosure and potentially allow for arbitrary code execution, according to the Zero Day Initiative.
Users are advised to update to PDF-XChange Editor version 10.6.0.396 or later, where this vulnerability has been addressed.