CVE-2023-24308

Published: Mar 28, 2023Modified: Feb 19, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A potential memory vulnerability due to insufficient input validation in PDFXEditCore.x64.dll in PDF-XChange Editor version 9.3 by Tracker Software may allow attackers to execute code when a user opens a crafted PDF file. The issue occurs when handling a large number of objects in a PDF file.

Affected (1)

Products: Pdf Xchange: Pdf Xchange Editor

1 product

Pdf Xchange Editor

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Pdf Xchange Pdf Xchange Editor	Version 9.3

Related CWEs

Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

References (2)

https://www.sit.fraunhofer.de/cve-2023-24308/

Source: cve@mitre.org

Third Party Advisory

https://www.sit.fraunhofer.de/cve-2023-24308/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.