First published: Wed Dec 27 2017(Updated: )
The launchURL function in PDF-XChange Viewer 2.5 (Build 314.0) might allow remote attackers to execute arbitrary code via a crafted PDF file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tracker-software Pdf-xchange Viewer | =2.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-13056 is a vulnerability in PDF-XChange Viewer 2.5 (Build 314.0) that may allow remote attackers to execute arbitrary code via a crafted PDF file.
CVE-2017-13056 has a severity rating of 7.8, which is considered high.
Remote attackers can exploit CVE-2017-13056 by sending a crafted PDF file to the vulnerable PDF-XChange Viewer 2.5 (Build 314.0), which may allow them to execute arbitrary code.
At the moment, there is no available fix for CVE-2017-13056. It is recommended to update to a newer version of PDF-XChange Viewer if possible.
Yes, there is a known exploit for CVE-2017-13056. More information about the exploit can be found at the provided reference link.