PT-2023-19521 · Unknown · Pdf-Xchange Editor
Philip Kolvenbach
·
Published
2023-03-28
·
Updated
2024-11-27
·
CVE-2023-24308
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
PDF-XChange Editor version 9.3
Description
A potential memory issue due to insufficient input validation in PDFXEditCore.x64.dll may allow attackers to execute code when a user opens a crafted PDF file. The issue occurs when handling a large number of objects in a PDF file.
Recommendations
For PDF-XChange Editor version 9.3, consider avoiding the use of PDFXEditCore.x64.dll until a patch is available, or refrain from opening untrusted PDF files to minimize the risk of exploitation.
Fix
Improper Handling of Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pdf-Xchange Editor