This page lists publicly disclosed CVE vulnerabilities affecting tracker-software pdf-xchange_viewer (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-18689 | The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Read | [email protected] | 5.3 | 3.69% | 2021-01-07 | 2026-06-16 |
| CVE-2018-6462 | Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | [email protected] | 7.8 | 2.51% | 2018-01-31 | 2026-06-16 |
| CVE-2017-13056 | The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | [email protected] | 7.8 | 5.59% | 2017-12-27 | 2026-06-16 |
| CVE-2013-0729 | Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file. | [email protected] | 9.3 | 6.20% | 2014-04-02 | 2026-06-16 |
| CVE-2010-5245 | Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. | [email protected] | 6.9 | 0.40% | 2012-09-07 | 2026-06-16 |