CVE-2022-42408: PDF-XChange Editor EMF File Parsing Use-After-Free Information Disclosure Vulnerability
First published: Thu Jan 26 2023(Updated: )
Credit: zdi-disclosures@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tracker-software Pdf-xchange Editor | <9.5.366.0 | |
| PDF-XChange PDF-XChange Editor |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-42408.
What is the severity rating of CVE-2022-42408?
CVE-2022-42408 has a severity rating of 5.5 (Medium).
How can remote attackers exploit CVE-2022-42408?
Remote attackers can exploit CVE-2022-42408 by tricking a user into visiting a malicious page or opening a malicious file.
Which software versions are affected by CVE-2022-42408?
Versions of PDF-XChange Editor up to and excluding 9.5.366.0 are affected by CVE-2022-42408.
How can I fix CVE-2022-42408?
To fix CVE-2022-42408, update PDF-XChange Editor to a version beyond 9.5.366.0.
- collector/nvd-index
- collector/zdi-advisory
- alias/ZDI-22-1366
- alias/ZDI-CAN-18543
- alias/CVE-2022-42408
- vendor/tracker-software
- canonical/tracker-software pdf-xchange editor
- vendor/pdf-xchange
- canonical/pdf-xchange pdf-xchange editor