Vulnerabilities > Tracker Software > PDF Xchange Viewer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-07 | CVE-2018-18689 | Improper Verification of Cryptographic Signature vulnerability in multiple products The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. network low complexity avanquest foxitsoftware gonitro iskysoft pdfforge qoppa sodapdf soft-xpansion tracker-software visagesoft CWE-347 | 5.0 |
| 2018-01-31 | CVE-2018-6462 | Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Viewer and Viewer AX SDK Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | 6.8 |
| 2017-12-27 | CVE-2017-13056 | Improper Input Validation vulnerability in Tracker-Software Pdf-Xchange Viewer 2.5 The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | 6.8 |
| 2012-09-07 | CVE-2010-5245 | Unspecified vulnerability in Tracker-Software Pdf-Xchange Viewer 2.0.54.0 Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. local tracker-software | 6.9 |