CVE-2023-39486— PDF-XChange Editor 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2023-39486の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19264.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
内存缓冲区边界内操作的限制不恰当
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
PDF-XChange Editor 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
PDF-XChange Editor是PDF-XChange公司的一个运行在 Microsoft Windows 系统中的 PDF 文件查看软件。 PDF-XChange Editor 存在安全漏洞,该漏洞源于 JP2 File Parsing 内存损坏远程代码执行漏洞。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| PDF-XChange | PDF-XChange Editor | 9.4.364.0 | - |
II. CVE-2023-39486の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2023-39486のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · PDF-XChange · 2024-05-03 · 101 CVEs total
| CVE-2023-42078 | PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability | |
| CVE-2023-42082 | PDF-XChange Editor JPG File Parsing Use-After-Free Remote Code Execution Vulnerability | |
| CVE-2023-42085 | PDF-XChange Editor EMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulne | |
| CVE-2023-42070 | PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability | |
| CVE-2023-42079 | PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerab | |
| CVE-2023-42108 | PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability | |
| CVE-2023-42058 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | |
| CVE-2023-42040 | PDF-XChange Editor mailForm Use-After-Free Code Execution Vulnerability | |
| CVE-2023-42053 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerabilit | |
| CVE-2023-42113 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerabilit | |
| CVE-2023-42075 | PDF-XChange Editor JPG File Parsing Use-After-Free Remote Code Execution Vulnerability | |
| CVE-2023-42069 | PDF-XChange Editor PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vuln | |
| CVE-2023-42072 | PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerabilit | |
| CVE-2023-42064 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | |
| CVE-2023-42086 | PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability | |
| CVE-2023-42112 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerabilit | |
| CVE-2023-42088 | PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | |
| CVE-2023-42111 | PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | |
| CVE-2023-42057 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | |
| CVE-2023-42074 | PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability |
Showing 20 of 101 CVEs. View all on vendor page →
IV. 関連脆弱性
同じベンダー: PDF-XChange
- CVE-2026-2040
PDF-XChange Editor TrackerUpdate Uncontrolled Search Path El - CVE-2025-6640
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Co - CVE-2025-6641
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Infor - CVE-2025-6642
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remot - CVE-2025-6643
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Infor
同じ弱点: CWE-119
- CVE-2026-22167
GPU DDK - Cache resident PM buffers writable by other GPU re - CVE-2026-27890
Firebird has Pre-Auth DOS when Processing Out of Order CNCT_ - CVE-2026-34864
Huawei HarmonyOS 安全漏洞 - CVE-2026-4149
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code - CVE-2026-34988
Wasmtime leaks data between pooling allocator instances
V. CVE-2023-39486へのコメント
まだコメントはありません