CVE-2018-18689
First published: Thu Jan 07 2021(Updated: )
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Avanquest eXpert PDF Ultimate | =12.0.20 | |
| Avanquest eXpert PDF Ultimate | =9.0.270 | |
| Foxit Reader | =9.1.0 | |
| Foxit Reader | =9.2.0.9297 | |
| Foxit Reader | =9.3.0.10826 | |
| Gonitro Nitro Pro | =11.0.3.173 | |
| Nitro Reader | =5.5.9.2 | |
| iSkysoft PDFelement 6 | =6.4.2.3521 | |
| iSkysoft PDFelement 6 | =6.8.0.3523 | |
| iSkysoft PDFelement 6 | =6.8.4.3921 | |
| pdfforge PDF Architect | =6.0.37 | |
| pdfforge PDF Architect | =6.1.24.1862 | |
| qoppa PDF Studio | =12.0.7 | |
| qoppa PDF Studio Viewer 2018 | =2018.0.1 | |
| qoppa PDF Studio Viewer 2018 | =2018.2.0 | |
| sodapdf Soda PDF | =9.3.17 | |
| Soda PDF Desktop | =10.2.09 | |
| Soda PDF Desktop | =10.2.16.1217 | |
| soft-xpansion Perfect PDF 10 | =10.0.0.1 | |
| soft-xpansion Perfect PDF Reader | =13.0.3 | |
| soft-xpansion Perfect PDF Reader | =13.1.5 | |
| Tracker Software PDF-XChange Editor | =7.0.237.1 | |
| Tracker Software PDF-XChange Editor | =7.0.326 | |
| Tracker Software PDF-XChange Viewer | =2.5 | |
| Visagesoft eXpert PDF Reader | =9.0.180 | |
| Microsoft Windows | ||
| Foxit Reader | =9.2.0 | |
| iSkysoft PDFelement 6 | =6.6.2.3315 | |
| iSkysoft PDFelement 6 | =6.7.6.3399 | |
| iSkysoft PDFelement 6 | =6.7.1.3355 | |
| iSkysoft PDFelement 6 | =6.7.6.3399 | |
| Apple macOS | ||
| Linux Kernel | ||
| All of | ||
| Any of | ||
| Avanquest eXpert PDF Ultimate | =12.0.20 | |
| Avanquest eXpert PDF Ultimate | =9.0.270 | |
| Foxit Reader | =9.1.0 | |
| Foxit Reader | =9.2.0.9297 | |
| Foxit Reader | =9.3.0.10826 | |
| Gonitro Nitro Pro | =11.0.3.173 | |
| Nitro Reader | =5.5.9.2 | |
| iSkysoft PDFelement 6 | =6.4.2.3521 | |
| iSkysoft PDFelement 6 | =6.8.0.3523 | |
| iSkysoft PDFelement 6 | =6.8.4.3921 | |
| Tracker Software PDF-XChange Editor | =7.0.237.1 | |
| Tracker Software PDF-XChange Editor | =7.0.326 | |
| pdfforge PDF Architect | =6.0.37 | |
| pdfforge PDF Architect | =6.1.24.1862 | |
| qoppa PDF Studio | =12.0.7 | |
| qoppa PDF Studio Viewer 2018 | =2018.0.1 | |
| qoppa PDF Studio Viewer 2018 | =2018.2.0 | |
| sodapdf Soda PDF | =9.3.17 | |
| Soda PDF Desktop | =10.2.09 | |
| Soda PDF Desktop | =10.2.16.1217 | |
| soft-xpansion Perfect PDF 10 | =10.0.0.1 | |
| soft-xpansion Perfect PDF Reader | =13.0.3 | |
| soft-xpansion Perfect PDF Reader | =13.1.5 | |
| Tracker Software PDF-XChange Viewer | =2.5 | |
| Visagesoft eXpert PDF Reader | =9.0.180 | |
| Microsoft Windows | ||
| All of | ||
| Any of | ||
| Foxit Reader | =9.1.0 | |
| Foxit Reader | =9.2.0 | |
| iSkysoft PDFelement 6 | =6.6.2.3315 | |
| iSkysoft PDFelement 6 | =6.7.6.3399 | |
| iSkysoft PDFelement 6 | =6.7.1.3355 | |
| iSkysoft PDFelement 6 | =6.7.6.3399 | |
| qoppa PDF Studio | =12.0.7 | |
| qoppa PDF Studio Viewer 2018 | =2018.0.1 | |
| qoppa PDF Studio Viewer 2018 | =2018.2.0 | |
| Apple macOS | ||
| All of | ||
| Any of | ||
| Foxit Reader | =9.1.0 | |
| Foxit Reader | =9.2.0 | |
| qoppa PDF Studio | =12.0.7 | |
| qoppa PDF Studio Viewer 2018 | =2018.0.1 | |
| qoppa PDF Studio Viewer 2018 | =2018.2.0 | |
| Linux Kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-18689?
CVE-2018-18689 is a Signature Wrapping vulnerability in multiple PDF products.
Which software products are affected by CVE-2018-18689?
The affected software products include Avanquest Expert Pdf Ultimate, Avanquest Pdf Experte Ultimate, Foxitsoftware Foxit Reader, Gonitro Nitro Pro, Iskysoft Pdf Editor 6, Iskysoft Pdfelement6, pdfforge PDF Architect, Qoppa Pdf Studio, Qoppa Pdf Studio Viewer 2018, Sodapdf Soda Pdf, Sodapdf Soda Pdf Desktop, Soft-xpansion Perfect Pdf 10, Soft-xpansion Perfect Pdf Reader, Tracker-software Pdf-xchange Editor, Tracker-software Pdf-xchange Viewer, and Visagesoft Expert Pdf Reader.
What is the severity of CVE-2018-18689?
CVE-2018-18689 has a severity of 5.3, which is considered medium.
How does CVE-2018-18689 work?
CVE-2018-18689 exploits the lack of information in the PDF specification regarding signature validation, allowing attackers to use /ByteRange and xref manipulations.
Are Microsoft Windows, Apple macOS, and Linux Linux kernel vulnerable to CVE-2018-18689?
No, Microsoft Windows, Apple macOS, and Linux Linux kernel are not vulnerable to CVE-2018-18689.
How can I find more information about CVE-2018-18689?
You can find more information about CVE-2018-18689 at the following references: [Link 1](https://pdf-insecurity.org/signature/evaluation_2018.html), [Link 2](https://pdf-insecurity.org/signature/signature.html), [Link 3](https://www.foxitsoftware.com/support/security-bulletins.php).
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/first-publish-date
- agent/description
- agent/last-modified-date
- agent/author
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/avanquest
- canonical/avanquest expert pdf ultimate
- version/avanquest expert pdf ultimate/12.0.20
- version/avanquest expert pdf ultimate/9.0.270
- vendor/foxitsoftware
- canonical/foxit reader
- version/foxit reader/9.1.0
- version/foxit reader/9.2.0.9297
- version/foxit reader/9.3.0.10826
- vendor/gonitro
- canonical/gonitro nitro pro
- version/gonitro nitro pro/11.0.3.173
- canonical/nitro reader
- version/nitro reader/5.5.9.2
- vendor/iskysoft
- canonical/iskysoft pdfelement 6
- version/iskysoft pdfelement 6/6.4.2.3521
- version/iskysoft pdfelement 6/6.8.0.3523
- version/iskysoft pdfelement 6/6.8.4.3921
- vendor/pdfforge
- canonical/pdfforge pdf architect
- version/pdfforge pdf architect/6.0.37
- version/pdfforge pdf architect/6.1.24.1862
- vendor/qoppa
- canonical/qoppa pdf studio
- version/qoppa pdf studio/12.0.7
- canonical/qoppa pdf studio viewer 2018
- version/qoppa pdf studio viewer 2018/2018.0.1
- version/qoppa pdf studio viewer 2018/2018.2.0
- vendor/sodapdf
- canonical/sodapdf soda pdf
- version/sodapdf soda pdf/9.3.17
- canonical/soda pdf desktop
- version/soda pdf desktop/10.2.09
- version/soda pdf desktop/10.2.16.1217
- vendor/soft-xpansion
- canonical/soft-xpansion perfect pdf 10
- version/soft-xpansion perfect pdf 10/10.0.0.1
- canonical/soft-xpansion perfect pdf reader
- version/soft-xpansion perfect pdf reader/13.0.3
- version/soft-xpansion perfect pdf reader/13.1.5
- vendor/tracker-software
- canonical/tracker software pdf-xchange editor
- version/tracker software pdf-xchange editor/7.0.237.1
- version/tracker software pdf-xchange editor/7.0.326
- canonical/tracker software pdf-xchange viewer
- version/tracker software pdf-xchange viewer/2.5
- vendor/visagesoft
- canonical/visagesoft expert pdf reader
- version/visagesoft expert pdf reader/9.0.180
- vendor/microsoft
- canonical/microsoft windows
- version/foxit reader/9.2.0
- version/iskysoft pdfelement 6/6.6.2.3315
- version/iskysoft pdfelement 6/6.7.6.3399
- version/iskysoft pdfelement 6/6.7.1.3355
- vendor/apple
- canonical/apple macos
- vendor/linux
- canonical/linux kernel
- vendor/pdf-xchange