PDF-XChange Viewer/PDF-XChange PDF File Handling Memory Corruption

High Nessus Plugin ID 44048


It may be possible to execute arbitrary code on the remote system.


A version of PDF-XChange Viewer, PDF-XChange PDF Viewer SDK or PDF-XChange installed on the remote host fails to validate input while opening certain specially crafted PDF files.

By tricking users into opening a malicious PDF file, a remote attacker could exploit this flaw to execute arbitrary code on the remote system.


Upgrade to :

- PDF-XChange Viewer/PDF-XChange PDF Viewer SDK 2.0 Build 44 (2.044) or later.
- PDF-XChange 4.0 Build 174 (4.0174) or later.

See Also




Plugin Details

Severity: High

ID: 44048

File Name: pdf-xchange_multiple_products_mem_corruption.nasl

Version: $Revision: 1.6 $

Type: local

Agent: windows

Family: Windows

Published: 2010/01/18

Modified: 2016/11/02

Dependencies: 44047

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2009/12/30

Vulnerability Publication Date: 2009/12/30

Reference Information

BID: 37582

OSVDB: 61459

Secunia: 37706