{"id":7247,"date":"2025-06-25T18:20:43","date_gmt":"2025-06-25T18:20:43","guid":{"rendered":"http:\/\/localhost\/?p=7247"},"modified":"2025-06-25T18:20:43","modified_gmt":"2025-06-25T18:20:43","slug":"pdf-xchange-editor-jp2-file-parsing-out-of-bounds-write-remote-code-execution-vulnerability","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7247","title":{"rendered":"PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nPDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-25T21:42:40.973Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nPDF-XChange<\/td>\n<\/tr>\n
Product<\/th>\nPDF-XChange Editor<\/td>\n<\/tr>\n
Version<\/th>\n10.5.2.395<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n0.0 ()<\/td>\n<\/tr>\n
Attack Vector<\/th>\n<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nThis vulnerability allows remote attackers to execute arbitrary code on PDF-XChange Editor by exploiting an out-of-bounds write issue in JP2 file parsing. User interaction is required, such as opening a malicious file. The flaw stems from improper validation of user-supplied data.<\/td>\n<\/tr>\n
AI Severity<\/th>\nCritical<\/td>\n<\/tr>\n
Vendor<\/th>\nPDF-XChange<\/td>\n<\/tr>\n
Product<\/th>\nPDF-XChange Editor<\/td>\n<\/tr>\n
Affected Version<\/th>\n10.5.2.395<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n