Search criteria
855 vulnerabilities found for pdf-xchange_editor by pdf-xchange
FKIE_CVE-2025-47152
Vulnerability from fkie_nvd - Published: 2025-08-05 15:15 - Updated: 2025-11-03 20:19
Severity ?
Summary
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-xchange_editor | 10.6.0.396 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.6.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "93E64C75-500A-4FDF-AC2E-BBE1926AD7BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de lectura fuera de los l\u00edmites en la funcionalidad EMF de PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. Al usar un archivo EMF especialmente manipulado, un atacante podr\u00eda explotar esta vulnerabilidad para realizar una lectura fuera de los l\u00edmites, lo que podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n confidencial."
}
],
"id": "CVE-2025-47152",
"lastModified": "2025-11-03T20:19:05.503",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-08-05T15:15:29.713",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2203"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-27931
Vulnerability from fkie_nvd - Published: 2025-08-05 15:15 - Updated: 2025-11-03 20:18
Severity ?
Summary
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de lectura fuera de los l\u00edmites en la funcionalidad EMF de PDF-XChange Editor versi\u00f3n 10.5.2.395. Al usar un archivo EMF especialmente manipulado, un atacante podr\u00eda explotar esta vulnerabilidad para realizar una lectura fuera de los l\u00edmites, lo que podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n confidencial."
}
],
"id": "CVE-2025-27931",
"lastModified": "2025-11-03T20:18:08.357",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-08-05T15:15:28.800",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2171"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-6662
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:11
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26985.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-447/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26985."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26985."
}
],
"id": "CVE-2025-6662",
"lastModified": "2025-07-01T19:11:55.183",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:24.127",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-447/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6654
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:30
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26729.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-439/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26729."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos PRC en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26729."
}
],
"id": "CVE-2025-6654",
"lastModified": "2025-07-01T19:30:42.350",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.047",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-439/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6660
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-07 17:37
Severity ?
Summary
PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26763.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-443/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_pro | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_pro:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF8A7ED-1520-4BCA-9AF4-7D7CE59458D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26763."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por desbordamiento de b\u00fafer basado en mont\u00f3n en el an\u00e1lisis de archivos GIF del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos GIF. El problema se debe a la falta de una validaci\u00f3n adecuada de la longitud de los datos proporcionados por el usuario antes de copiarlos a un b\u00fafer basado en mont\u00f3n de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26763."
}
],
"id": "CVE-2025-6660",
"lastModified": "2025-07-07T17:37:13.450",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.863",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-443/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6657
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:31
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26732.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-442/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26732."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26732."
}
],
"id": "CVE-2025-6657",
"lastModified": "2025-07-01T19:31:08.080",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.467",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-442/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6661
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:16
Severity ?
Summary
PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of App objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26823.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-446/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of App objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26823."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo por Use-After-Free de objetos de la aplicaci\u00f3n PDF-XChange Editor. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de PDF-XChange Editor. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en la gesti\u00f3n de objetos de la aplicaci\u00f3n. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26823."
}
],
"id": "CVE-2025-6661",
"lastModified": "2025-07-01T19:16:39.160",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.997",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-446/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6659
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-07 17:39
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26734.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-445/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_pro | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_pro:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF8A7ED-1520-4BCA-9AF4-7D7CE59458D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26734."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos PRC en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26734."
}
],
"id": "CVE-2025-6659",
"lastModified": "2025-07-07T17:39:19.650",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.740",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-445/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6658
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-07 17:39
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26733.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-444/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_pro | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_pro:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF8A7ED-1520-4BCA-9AF4-7D7CE59458D3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26733."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26733."
}
],
"id": "CVE-2025-6658",
"lastModified": "2025-07-07T17:39:44.360",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.597",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-444/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6655
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:30
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26730.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-440/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26730."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26730."
}
],
"id": "CVE-2025-6655",
"lastModified": "2025-07-01T19:30:51.190",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.187",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-440/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6656
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:30
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26731.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-441/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26731."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26731."
}
],
"id": "CVE-2025-6656",
"lastModified": "2025-07-01T19:30:58.773",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:23.330",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-441/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6647
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:19
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26644.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-432/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26644."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos U3D fuera de los l\u00edmites en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura posterior al final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26644."
}
],
"id": "CVE-2025-6647",
"lastModified": "2025-07-01T19:19:18.470",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:22.027",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-432/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6652
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:28
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26724.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-437/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26724."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26724."
}
],
"id": "CVE-2025-6652",
"lastModified": "2025-07-01T19:28:24.283",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:22.720",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-437/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6649
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:33
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26709.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-434/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26709."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26709."
}
],
"id": "CVE-2025-6649",
"lastModified": "2025-07-01T19:33:17.920",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:22.307",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-434/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6653
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:28
Severity ?
Summary
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26726.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-438/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26726."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos PRC del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos PRC. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26726."
}
],
"id": "CVE-2025-6653",
"lastModified": "2025-07-01T19:28:32.937",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:22.870",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-438/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6651
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:28
Severity ?
Summary
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26713.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-436/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26713."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos JP2 en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos JP2. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una escritura m\u00e1s all\u00e1 del l\u00edmite del b\u00fafer asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26713."
}
],
"id": "CVE-2025-6651",
"lastModified": "2025-07-01T19:28:16.850",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:22.580",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-436/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6650
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:28
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26712.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-435/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26712."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26712."
}
],
"id": "CVE-2025-6650",
"lastModified": "2025-07-01T19:28:03.760",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:22.443",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-435/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6648
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:33
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26671.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-433/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26671."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26671."
}
],
"id": "CVE-2025-6648",
"lastModified": "2025-07-01T19:33:08.270",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:22.160",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-433/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6641
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:31
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26528.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-426/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26528."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26528."
}
],
"id": "CVE-2025-6641",
"lastModified": "2025-07-01T19:31:43.230",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:21.237",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-426/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6645
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:32
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26642.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-430/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26642."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de uso despu\u00e9s de la liberaci\u00f3n en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26642."
}
],
"id": "CVE-2025-6645",
"lastModified": "2025-07-01T19:32:54.980",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:21.743",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-430/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6640
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:31
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26527.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-425/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26527."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26527."
}
],
"id": "CVE-2025-6640",
"lastModified": "2025-07-01T19:31:36.373",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:21.107",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-425/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6644
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:32
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26536.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-429/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26536."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Era ZDI-CAN-26536."
}
],
"id": "CVE-2025-6644",
"lastModified": "2025-07-01T19:32:05.463",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:21.617",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-429/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6643
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:31
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26532.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-428/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26532."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de lectura fuera de los l\u00edmites en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Anteriormente, se denominaba ZDI-CAN-26532."
}
],
"id": "CVE-2025-6643",
"lastModified": "2025-07-01T19:31:57.240",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:21.487",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-428/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6642
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:31
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26530.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-427/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26530."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo al analizar archivos U3D fuera de los l\u00edmites en el editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar una lectura m\u00e1s all\u00e1 del final de un objeto asignado. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto del proceso actual. Anteriormente, se denomin\u00f3 ZDI-CAN-26530."
}
],
"id": "CVE-2025-6642",
"lastModified": "2025-07-01T19:31:50.170",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:21.363",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-427/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
FKIE_CVE-2025-6646
Vulnerability from fkie_nvd - Published: 2025-06-25 22:15 - Updated: 2025-07-01 19:32
Severity ?
Summary
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26643.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.pdf-xchange.com/support/security-bulletins.html | Vendor Advisory | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-431/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pdf-xchange | pdf-tools | 10.5.2.395 | |
| pdf-xchange | pdf-xchange_editor | 10.5.2.395 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-tools:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD9DF1A-4580-487C-B5CD-5CFEA9B9EFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.5.2.395:*:*:*:*:*:*:*",
"matchCriteriaId": "38301DEE-CA79-48C7-9E8C-1EA9EDEFACD3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26643."
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n de uso tras liberaci\u00f3n en el an\u00e1lisis de archivos U3D del editor PDF-XChange. Esta vulnerabilidad permite a atacantes remotos divulgar informaci\u00f3n confidencial sobre las instalaciones afectadas del editor PDF-XChange. Para explotar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario, ya que el objetivo debe visitar una p\u00e1gina maliciosa o abrir un archivo malicioso. La falla espec\u00edfica se encuentra en el an\u00e1lisis de archivos U3D. El problema se debe a que no se valida la existencia de un objeto antes de realizar operaciones en \u00e9l. Un atacante puede aprovechar esto, junto con otras vulnerabilidades, para ejecutar c\u00f3digo arbitrario en el contexto del proceso actual. Era ZDI-CAN-26643."
}
],
"id": "CVE-2025-6646",
"lastModified": "2025-07-01T19:32:59.540",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
},
"published": "2025-06-25T22:15:21.887",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-431/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Primary"
}
]
}
CVE-2025-27931 (GCVE-0-2025-27931)
Vulnerability from cvelistv5 – Published: 2025-08-05 14:49 – Updated: 2025-11-03 19:46
VLAI?
Summary
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PDF-XChange Co. Ltd | PDF-XChange Editor |
Affected:
10.5.2.395
|
Credits
Discovered by KPC of Cisco Talos.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27931",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-05T20:11:29.390696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T20:11:38.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:46:39.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2171"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange Co. Ltd",
"versions": [
{
"status": "affected",
"version": "10.5.2.395"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by KPC of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T14:49:26.305Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2171",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2171"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-27931",
"datePublished": "2025-08-05T14:49:26.305Z",
"dateReserved": "2025-04-07T20:48:35.981Z",
"dateUpdated": "2025-11-03T19:46:39.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-47152 (GCVE-0-2025-47152)
Vulnerability from cvelistv5 – Published: 2025-08-05 14:49 – Updated: 2025-11-03 20:04
VLAI?
Summary
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PDF-XChange Co. Ltd | PDF-XChange Editor |
Affected:
10.6.0.396
|
Credits
Discovered by KPC of Cisco Talos.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47152",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-05T20:11:03.234769Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T20:11:12.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:04:35.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange Co. Ltd",
"versions": [
{
"status": "affected",
"version": "10.6.0.396"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by KPC of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T14:49:25.514Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2203",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2203"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-47152",
"datePublished": "2025-08-05T14:49:25.514Z",
"dateReserved": "2025-06-11T07:45:31.373Z",
"dateUpdated": "2025-11-03T20:04:35.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6640 (GCVE-0-2025-6640)
Vulnerability from cvelistv5 – Published: 2025-06-25 21:43 – Updated: 2025-06-30 20:22
VLAI?
Summary
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26527.
Severity ?
7.8 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PDF-XChange | PDF-XChange Editor |
Affected:
10.5.2.395
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6640",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-30T19:35:23.492983Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-30T20:22:03.888Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange",
"versions": [
{
"status": "affected",
"version": "10.5.2.395"
}
]
}
],
"dateAssigned": "2025-06-25T14:29:27.775Z",
"datePublic": "2025-06-25T21:32:12.158Z",
"descriptions": [
{
"lang": "en",
"value": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of U3D files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26527."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-25T21:43:23.629Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-425",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-425/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.pdf-xchange.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-6640",
"datePublished": "2025-06-25T21:43:23.629Z",
"dateReserved": "2025-06-25T14:29:27.671Z",
"dateUpdated": "2025-06-30T20:22:03.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-27931 (GCVE-0-2025-27931)
Vulnerability from nvd – Published: 2025-08-05 14:49 – Updated: 2025-11-03 19:46
VLAI?
Summary
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PDF-XChange Co. Ltd | PDF-XChange Editor |
Affected:
10.5.2.395
|
Credits
Discovered by KPC of Cisco Talos.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27931",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-05T20:11:29.390696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T20:11:38.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:46:39.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2171"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange Co. Ltd",
"versions": [
{
"status": "affected",
"version": "10.5.2.395"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by KPC of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T14:49:26.305Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2171",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2171"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-27931",
"datePublished": "2025-08-05T14:49:26.305Z",
"dateReserved": "2025-04-07T20:48:35.981Z",
"dateUpdated": "2025-11-03T19:46:39.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-47152 (GCVE-0-2025-47152)
Vulnerability from nvd – Published: 2025-08-05 14:49 – Updated: 2025-11-03 20:04
VLAI?
Summary
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PDF-XChange Co. Ltd | PDF-XChange Editor |
Affected:
10.6.0.396
|
Credits
Discovered by KPC of Cisco Talos.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47152",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-05T20:11:03.234769Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T20:11:12.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:04:35.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange Co. Ltd",
"versions": [
{
"status": "affected",
"version": "10.6.0.396"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by KPC of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-05T14:49:25.514Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2203",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2203"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2025-47152",
"datePublished": "2025-08-05T14:49:25.514Z",
"dateReserved": "2025-06-11T07:45:31.373Z",
"dateUpdated": "2025-11-03T20:04:35.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}