Philip Kolvenbach

**Name of the Vulnerable Software and Affected Versions** IrfanView version 4.60 **Description** The issue is related to improper input validation in the PDF.dll plugin, which allows attackers to execute arbitrary code when a crafted PDF file is opened. **Recommendations** For IrfanView version 4.60, consider disabling the PDF.dll plugin until a patch is available to prevent the execution of arbitrary code via crafted PDF files.

**Name of the Vulnerable Software and Affected Versions** PDF-XChange Editor version 9.3 **Description** A potential memory issue due to insufficient input validation in PDFXEditCore.x64.dll may allow attackers to execute code when a user opens a crafted PDF file. The issue occurs when handling a large number of objects in a PDF file. **Recommendations** For PDF-XChange Editor version 9.3, consider avoiding the use of PDFXEditCore.x64.dll until a patch is available, or refrain from opening untrusted PDF files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** SoftMaker Software GmbH FlexiPDF version 3.0.3.0 **Description** A stack overflow in FlexiPDF allows attackers to execute arbitrary code after opening a crafted PDF file. **Recommendations** For SoftMaker Software GmbH FlexiPDF version 3.0.3.0, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.