PDF-XChange Viewer/PDF-XChange PDF File Handling Memory Corruption

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

It may be possible to execute arbitrary code on the remote system.

Description :

A version of PDF-XChange Viewer, PDF-XChange PDF Viewer SDK or
PDF-XChange installed on the remote host fails to validate input while
opening certain specially crafted PDF files.

By tricking users into opening a malicious PDF file, a remote attacker
could exploit this flaw to execute arbitrary code on the remote

See also :


Solution :

Upgrade to :

- PDF-XChange Viewer/PDF-XChange PDF Viewer SDK 2.0 Build 44 (2.044) or later.
- PDF-XChange 4.0 Build 174 (4.0174) or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 44048 ()

Bugtraq ID: 37582


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now