Tracker software PDF-Xchange Viewer 2.5

CPE Details

Tracker software PDF-Xchange Viewer 2.5
tracker-software
pdf-xchange_viewer
2.5
2021-01-15
02h30 +00:00
2021-08-17
15h28 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:tracker-software:pdf-xchange_viewer:2.5:*:*:*:*:*:*:*

Informations

Vendor

tracker-software

Product

pdf-xchange_viewer

Version

2.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-18689 2021-01-07 16h59 +00:00 The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop.
5.3
Medium
CVE-2018-6462 2018-01-31 17h00 +00:00 Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document.
7.8
High
CVE-2017-13056 2017-12-27 16h00 +00:00 The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file.
7.8
High
CVE-2013-0729 2014-04-02 13h00 +00:00 Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file.
9.3