Detections
Analytics
PDF-XChange Editor = 10.7.3.401 Out-of-Bounds Read
medium Nessus Plugin ID 277583
Synopsis
A PDF editing application installed on the remote Windows host is affected by a out-of-bounds read vulnerability.Description
The version of PDF-XChange Editor installed on the remote Windows host is equal to 10.7.3.401. It is, therefore, affected by the following vulnerability:- An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to PDF-XChange Editor version 10.7.3.403 or later.See Also
https://www.pdf-xchange.com/support/security-bulletins.html
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2280
Plugin Details
Severity: Medium
ID: 277583
File Name: pdf_xchange_editor_10_7_3_403.nasl
Version: 1.1
Type: local
Agent: windows
Family: Windows
Published: 12/5/2025
Updated: 12/5/2025
Configuration: Enable thorough checks (optional)
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N
CVSS Score Source: CVE-2025-58113
CVSS v3
Risk Factor: Medium
Base Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Vulnerability Information
CPE: cpe:/a:tracker-software:pdf-xchange_editor
Required KB Items: SMB/Registry/Enumerated, installed_sw/PDF-XChange Editor
Patch Publication Date: 10/28/2025
Vulnerability Publication Date: 10/28/2025
Reference Information
CVE: CVE-2025-58113
IAVB: 2025-B-0195