Hades_Kito

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. It requires user interaction, such as visiting a malicious page or opening a malicious file. The flaw exists within the parsing of PDF files, where crafted data can trigger a write past the end of an allocated buffer, allowing an attacker to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of PDF files due to the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of TIF files due to the lack of validating the existence of an object prior to performing operations on it. An attacker can leverage this to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of TIF files due to the lack of validating the existence of an object prior to performing operations on it. An attacker can leverage this to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of TIF files, where crafted data can trigger a write past the end of an allocated buffer, allowing an attacker to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of JPG files due to the lack of proper validation of user-supplied data, resulting in a write past the end of an allocated object. This can be leveraged to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this issue, where the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files, resulting from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this issue to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of JPG files due to the lack of proper validation of user-supplied data, resulting in a write past the end of an allocated object. This can be leveraged to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor (affected versions not specified) **Description** This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The flaw exists within the parsing of JPG files due to the lack of proper validation of user-supplied data, resulting in a write past the end of an allocated object. An attacker can leverage this to execute code in the context of the current process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** PDF-XChange Editor (versões afetadas não especificadas) **Descrição** Esta vulnerabilidade permite que invasores remotos executem código arbitrário em instalações afetadas do PDF-XChange Editor. Ela requer interação do usuário, como visitar uma página maliciosa ou abrir um arquivo malicioso. A falha existe na análise de arquivos PDF, onde dados maliciosos podem provocar uma gravação além do fim de um buffer alocado, permitindo que um invasor execute código no contexto do processo atual. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** PDF-XChange Editor (versões afetadas não especificadas) **Descrição** Esta vulnerabilidade permite que invasores remotos executem código arbitrário em instalações afetadas do PDF-XChange Editor. Ela requer interação do usuário, como visitar uma página maliciosa ou abrir um arquivo malicioso. A falha existe na análise de arquivos PDF, onde dados maliciosos podem provocar uma gravação além do fim de um buffer alocado, permitindo que um invasor execute código no contexto do processo atual. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Microsoft Office (versões afetadas não especificadas) **Descrição** O problema está relacionado a uma vulnerabilidade do tipo “use-after-free” no Microsoft Office, especificamente no que diz respeito ao uso de memória após ela ter sido liberada. Isso pode permitir que um invasor execute código arbitrário remotamente, afetando potencialmente o sistema. A vulnerabilidade está associada à análise de arquivos DOCX do Microsoft Word. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.