Vulnerabilities > Tracker Software > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-11 | CVE-2019-17497 | Insufficiently Protected Credentials vulnerability in Tracker-Software Pdf-Xchange Editor Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). | 4.3 |
| 2018-09-01 | CVE-2018-16303 | XXE vulnerability in Tracker-Software Pdf-Xchange Editor PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564. | 5.0 |
| 2018-01-31 | CVE-2018-6462 | Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Viewer and Viewer AX SDK Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | 6.8 |
| 2017-12-27 | CVE-2017-13056 | Improper Input Validation vulnerability in Tracker-Software Pdf-Xchange Viewer 2.5 The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | 6.8 |
| 2012-09-07 | CVE-2010-5245 | Unspecified vulnerability in Tracker-Software Pdf-Xchange Viewer 2.0.54.0 Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. local tracker-software | 6.9 |