汇总 tracker-software 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 缓冲区溢出、内存损坏与输入验证问题,在 生产负载与软件部署 使用场景中可能带来 应用崩溃、内存损坏与异常行为 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2018-18689 | The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Read | [email protected] | 5.3 | 3.69% | 2021-01-07 | 2026-06-16 |
| CVE-2018-6462 | Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | [email protected] | 7.8 | 2.51% | 2018-01-31 | 2026-06-16 |
| CVE-2017-13056 | The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file. | [email protected] | 7.8 | 5.59% | 2017-12-27 | 2026-06-16 |
| CVE-2013-0729 | Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file. | [email protected] | 9.3 | 6.20% | 2014-04-02 | 2026-06-16 |
| CVE-2012-5324 | Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote attackers to execute arbitrary code via a long string in the (1) sub_path parameter to the StoreInRegistry function or (2) sub_key parameter to the InitFromRegistry function. | [email protected] | 9.3 | 6.28% | 2012-10-08 | 2026-06-16 |
| CVE-2010-5245 | Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information. | [email protected] | 6.9 | 0.40% | 2012-09-07 | 2026-06-16 |