
Haaeein

#19872 of 53,624
13.1 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2026-7171
5.5
2026-02-09
Sumatrapdf · Sumatrapdf · CVE-2026-25920
**Name of the Vulnerable Software and Affected Versions**
SumatraPDF versions 3.5.2 and earlier

**Description**
A heap out-of-bounds read issue exists in SumatraPDF's MOBI HuffDic decompressor. The bounds check within the `AddCdicData()` function does not validate the complete range accessed by the `DecodeOne()` function. Processing a specially crafted MOBI file can result in reading approximately `(1 << codeLength)` bytes beyond the CDIC dictionary buffer, potentially causing a crash.

**Recommendations**
Update SumatraPDF to a version later than 3.5.2.
PT-2026-7172
7.6
2026-02-09
Unknown · Sumatrapdf · CVE-2026-25961
**Name of the Vulnerable Software and Affected Versions**
SumatraPDF versions 3.5.0 through 3.5.2

**Description**
SumatraPDF's update process has a flaw where TLS hostname verification is disabled (`INTERNET_FLAG_IGNORE_CERT_CN_INVALID`) and installers are executed without signature verification. This allows a network attacker possessing a valid TLS certificate, such as one from Let's Encrypt, to intercept the update check, inject a malicious installer URL, and potentially execute arbitrary code.

**Recommendations**
Update to a version beyond 3.5.2.