PT-2023-19521 · Unknown · Pdf-Xchange Editor

Philip Kolvenbach

Publicado

2023-03-28

Atualizado

2024-11-27

CVE-2023-24308

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PDF-XChange Editor version 9.3

Description A potential memory issue due to insufficient input validation in PDFXEditCore.x64.dll may allow attackers to execute code when a user opens a crafted PDF file. The issue occurs when handling a large number of objects in a PDF file.

Recommendations For PDF-XChange Editor version 9.3, consider avoiding the use of PDFXEditCore.x64.dll until a patch is available, or refrain from opening untrusted PDF files to minimize the risk of exploitation.

Correção

Improper Handling of Exceptional Conditions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-755

Identificadores relacionados

CVE-2023-24308

Produtos afetados

Pdf-Xchange Editor

PT-2023-19521 · Unknown · Pdf-Xchange Editor

CVE-2023-24308

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3