PT-2012-5923 · Tracker · Pdf-Xchange

Gjoko Krstic · Published 2012-10-08 · Updated 2017-09-02 · CVE-2012-5324

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Tracker Software PDF-XChange version 3.60.0128

Description

The issue concerns buffer overflows in the Pdf Printer Preferences ActiveX Control. Remote attackers can execute arbitrary code by providing a long string in specific parameters. The parameters sub path in the StoreInRegistry() function and sub key in the InitFromRegistry() function are vulnerable to this issue.

Recommendations

For Tracker Software PDF-XChange version 3.60.0128, consider disabling the StoreInRegistry() and InitFromRegistry() functions as a temporary workaround until a patch is available. Avoid using the sub path and sub key parameters in the affected API endpoints until the issue is resolved.

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2012-5324

Affected Products

Pdf-Xchange