CVE-2023-42065

5.5 MEDIUM

📋 TL;DR

This vulnerability in PDF-XChange Editor allows attackers to read memory beyond allocated bounds when parsing malicious JP2 files, potentially disclosing sensitive information. Users who open malicious PDF files or visit malicious websites containing these files are affected. The vulnerability requires user interaction to trigger.

💻 Affected Systems

Products:
  • PDF-XChange Editor
Versions: Prior to 10.1.1.380
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations with vulnerable versions are affected when processing JP2 files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution in the current process context.

🟠 Likely Case

Information disclosure of process memory contents, potentially revealing sensitive data.

🟢 If Mitigated

Limited impact when file validation and user awareness keep malicious files from being opened.

🌐 Internet-Facing: MEDIUM - Requires user interaction but malicious files could be delivered via web or email.
🏢 Internal Only: MEDIUM - Similar risk internally if users open untrusted files.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction to open malicious file. No public exploit code available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.1.1.380 and later

Vendor Advisory: https://www.tracker-software.com/support/security-bulletins.html

Restart Required: Yes

Instructions:

1. Download the latest version from the official website.
2. Run the installer.
3. Restart the system.
4. Verify the version is 10.1.1.380 or higher.

🔧 Temporary Workarounds

Disable JP2 file processing (platform: Windows)

Configure PDF-XChange Editor to not process JP2 files, or use an alternative PDF viewer for untrusted files.

User awareness training (platform: all)

Train users to avoid opening untrusted PDF files from unknown sources.

🧯 If You Can't Patch

  • Use application control to block execution of vulnerable PDF-XChange Editor versions
  • Implement email filtering to block JP2 attachments and monitor for suspicious file activity

🔍 How to Verify

Check if Vulnerable:

Check Help > About in PDF-XChange Editor for the version number. If the version is below 10.1.1.380, the system is vulnerable.

Check Version:

Not applicable - check via GUI Help > About menu

Verify Fix Applied:

Verify version is 10.1.1.380 or higher in Help > About dialog.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing JP2 files
  • Unusual file access patterns to JP2 files

Network Indicators:

  • Downloads of JP2 files from untrusted sources
  • Email attachments with JP2 extensions

SIEM Query:

(EventID=1000 OR EventID=1001) AND ProcessName="PDFXEdit.exe" AND ExceptionCode=0xC0000005
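
The following is an added example, not part of the original advisory: it applies the query's three conditions to crash events and flags hosts whose reported build is below 10.1.1.380. The field names `Host` and `AppVersion` and all sample events are assumptions constructed for illustration.

```python
# Added example. EventID / ProcessName / ExceptionCode mirror the page's SIEM
# query; Host and AppVersion are assumed fields. Sample events are constructed.
FIXED = (10, 1, 1, 380)           # first fixed build per the advisory
ACCESS_VIOLATION = 0xC0000005
CRASH_EVENT_IDS = {1000, 1001}

def parse_version(text):
    """Turn '10.1.1.380' into (10, 1, 1, 380) so comparison is numeric."""
    return tuple(int(part) for part in text.strip().split("."))

def is_vulnerable(version_text):
    # A plain string compare would rank '10.1.1.99' above '10.1.1.380'.
    return parse_version(version_text) < FIXED

def matches_query(event):
    """(EventID=1000 OR EventID=1001) AND ProcessName AND ExceptionCode.

    The grouping matters: where AND binds tighter than OR, an ungrouped
    query matches every EventID 1000 event regardless of process.
    """
    return (
        event.get("EventID") in CRASH_EVENT_IDS
        and event.get("ProcessName", "").lower() == "pdfxedit.exe"
        and int(event.get("ExceptionCode", "0"), 16) == ACCESS_VIOLATION
    )

def triage(events):
    """Return (host, version, vulnerable) for each matching crash event."""
    hits = []
    for ev in events:
        if matches_query(ev):
            ver = ev.get("AppVersion", "")
            hits.append((ev["Host"], ver, is_vulnerable(ver) if ver else None))
    return hits

SAMPLE_EVENTS = [  # constructed, normalized crash records
    {"Host": "ws-01", "EventID": 1000, "ProcessName": "PDFXEdit.exe",
     "ExceptionCode": "0xC0000005", "AppVersion": "10.1.1.99"},
    {"Host": "ws-02", "EventID": 1000, "ProcessName": "PDFXEdit.exe",
     "ExceptionCode": "0xc0000005", "AppVersion": "10.1.1.380"},
    {"Host": "ws-03", "EventID": 1000, "ProcessName": "notepad.exe",
     "ExceptionCode": "0xC0000005", "AppVersion": "10.0.1.1"},
    {"Host": "ws-04", "EventID": 1001, "ProcessName": "pdfxedit.exe",
     "ExceptionCode": "0xC0000409", "AppVersion": "9.5.368.0"},
    {"Host": "ws-05", "EventID": 1001, "ProcessName": "PDFXEdit.exe",
     "ExceptionCode": "0xC0000005", "AppVersion": "9.5.368.0"},
]

if __name__ == "__main__":
    for host, ver, vuln in triage(SAMPLE_EVENTS):
        print(f"{host}: PDFXEdit.exe {ver} access violation, vulnerable={vuln}")
```

A crash on a host that already runs a fixed build still deserves a look, but hosts flagged as vulnerable are the ones to patch first.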
