CVE-2018-18689
- EPSS 0.01%
- Published 07.01.2021 18:15:12
- Last modified 27.11.2024 20:11:45
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteR...
CVE-2018-6462
- EPSS 0.68%
- Published 31.01.2018 18:29:00
- Last modified 21.11.2024 04:10:42
Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF doc...
CVE-2017-13056
- EPSS 1.69%
- Published 27.12.2017 17:29:00
- Last modified 20.04.2025 01:37:25
The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file.
CVE-2013-0729
- EPSS 8.74%
- Published 02.04.2014 16:17:06
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file.
CVE-2010-5245
- EPSS 0.15%
- Published 07.09.2012 10:32:21
- Last modified 11.04.2025 00:51:21
Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: som...