CVE-2023-42073

5.5 MEDIUM

📋 TL;DR

This vulnerability in PDF-XChange Editor allows attackers to read memory beyond allocated boundaries when processing malicious PDF files with embedded JavaScript. It affects users who open untrusted PDF documents, potentially leading to information disclosure that could be combined with other exploits for code execution.

💻 Affected Systems

Products:
  • PDF-XChange Editor
Versions: Prior to 10.1.1.380
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all Windows versions where PDF-XChange Editor is installed. JavaScript must be enabled (default setting).

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution in the context of the current user, potentially resulting in full system compromise.

🟠

Likely Case

Disclosure of sensitive memory contents, potentially including authentication tokens, passwords, or other application data, which could facilitate further attacks.

🟢

If Mitigated

Limited information disclosure with no code execution due to proper sandboxing and security controls.

🌐 Internet-Facing: MEDIUM - Requires user interaction to open malicious PDF, but PDFs are commonly shared via email and web.
🏢 Internal Only: MEDIUM - Internal users could be tricked into opening malicious PDFs via phishing or shared drives.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction to open malicious PDF. Exploit requires JavaScript execution within PDF context.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.1.1.380 and later

Vendor Advisory: https://www.tracker-software.com/support/security-bulletins.html

Restart Required: Yes

Instructions:

1. Download the latest version from tracker-software.com
2. Run the installer
3. Restart the system
4. Verify the version is 10.1.1.380 or higher

🔧 Temporary Workarounds

Disable JavaScript in PDF-XChange Editor

Platform: Windows

Prevents JavaScript execution in PDF files, blocking the exploitation vector

Settings > Preferences > JavaScript > Uncheck 'Enable JavaScript Actions'

Use alternative PDF viewer

Platform: Windows

Temporarily use different PDF software until patched

🧯 If You Can't Patch

  • Implement application whitelisting to block PDF-XChange Editor execution
  • Deploy email/web filtering to block PDF attachments from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Open PDF-XChange Editor > Help > About. Check if version is below 10.1.1.380

Check Version:

Get-ItemProperty 'HKLM:\SOFTWARE\Tracker Software\PDFXEditor3' | Select-Object -ExpandProperty Version

Verify Fix Applied:

Confirm version is 10.1.1.380 or higher in Help > About dialog
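
Added example (not from the vendor or the original page): a PowerShell check that compares the installed version against the fixed build 10.1.1.380 as a [version] object rather than as a string, since a plain string comparison would rank 9.x above 10.x. The registry path and the Version value name are taken from the Check Version command above and are assumed to be correct; the sample version strings are constructed, and Get-PdfXChangeStatus is a hypothetical helper name.

```powershell
# Added example. The fixed build comes from this page; the registry path and
# value name are the ones in the page's "Check Version" command (assumed correct).
$FixedVersion = [version]'10.1.1.380'
$RegistryPath = 'HKLM:\SOFTWARE\Tracker Software\PDFXEditor3'

function Get-PdfXChangeStatus {
    # Hypothetical helper: classifies one version string against the fixed build.
    param([string]$VersionString)
    $parsed = $null
    # TryParse returns $false for empty or malformed strings instead of throwing.
    if (-not [version]::TryParse($VersionString, [ref]$parsed)) {
        return 'Unknown'
    }
    if ($parsed -lt $FixedVersion) { return 'Vulnerable' }
    return 'Patched'
}

# Constructed sample inventory values, including an older major version,
# the exact fixed build, and an empty (missing) value.
$samples = '9.5.368.0', '10.1.0.380', '10.1.1.380', '10.2.0.385', ''
foreach ($s in $samples) {
    [pscustomobject]@{ Version = $s; Status = Get-PdfXChangeStatus $s }
}

# Local host: read the version the same way the page's command does.
$installed = (Get-ItemProperty -Path $RegistryPath -ErrorAction SilentlyContinue).Version
if ($null -eq $installed) {
    'PDF-XChange Editor version value not found at the assumed registry path'
} else {
    [pscustomobject]@{ Version = $installed; Status = Get-PdfXChangeStatus $installed }
}
```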

📡 Detection & Monitoring

Log Indicators:

  • Application crashes of PDF-XChange Editor
  • Unusual memory access patterns in application logs

Network Indicators:

  • Downloads of PDF files from suspicious sources
  • PDF files with embedded JavaScript

SIEM Query:

source="PDF-XChange Editor" AND (event="crash" OR event="exception")
