CVE-2023-27344 in PDF-XChange Editorthông tin

Tóm tắt

Bởi MITRE • 03/05/2024

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19302.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Đặt trước

28/02/2023

Tiết lộ

03/05/2024

Kiểm duyệt

được chấp nhận

EPSS

0.00532

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you want to use VulDB in your project?

Use the official API to access entries easily!