Tracker Software

tracker-software

6 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Pdf Xchange Viewer

pdf-xchange_viewer

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-18689 11Avanquest FoxitsoftwareGonitro+8 more 17Expert Pdf Reader Expert Pdf UltimateFoxit Reader+14 more Nov 27, 2024 Jan 7, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple produc...Show more The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop.Show less
CVE-2018-6462 1Tracker Software 2Pdf Xchange Viewer Viewer Ax Sdk Nov 21, 2024 Jan 31, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitr...Show more Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document.Show less
CVE-2017-13056 1Tracker Software 1Pdf Xchange Viewer May 13, 2026 Dec 27, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file.
CVE-2013-0729 1Tracker Software 1Pdf Xchange Viewer May 6, 2026 Apr 2, 2014 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file.
CVE-2012-5324 1Tracker Software 1Pdf Xchange Apr 29, 2026 Oct 8, 2012 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote attackers to execute arbitrary code via a long string in the (1) sub_path pa...Show more Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote attackers to execute arbitrary code via a long string in the (1) sub_path parameter to the StoreInRegistry function or (2) sub_key parameter to the InitFromRegistry function.Show less
CVE-2010-5245 1Tracker Software 1Pdf Xchange Viewer Apr 29, 2026 Sep 7, 2012 N/A· v4 N/A· v3 6.9 MEDIUM· v2 Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that co...Show more Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information.Show less