26 Jan 2023
Vulnérabilité CVE-2022-42377 CVE Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18630. (CVSS:0.0) (Last Update:2023-01-26)
Vulnerability Details : This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18630. Publish Date : 2023-01-26 Last Update Date : 2023-01-26 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2022-42377
- References For CVE-2022-42377
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2022-42377There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |