CVE-2023-42084

5.5 MEDIUM

📋 TL;DR

PDF-XChange Editor contains an out-of-bounds read vulnerability when parsing EMF files, allowing attackers to disclose sensitive information from memory. Users who open malicious PDF files or visit malicious web pages containing EMF content are affected. This vulnerability requires user interaction to trigger.

💻 Affected Systems

Products:
  • PDF-XChange Editor
Versions: Prior to 10.1.1.381
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations with EMF file parsing enabled are vulnerable by default.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution in the current process context.

🟠 Likely Case

Information disclosure from process memory, potentially exposing sensitive data or system information.

🟢 If Mitigated

Limited information disclosure with proper sandboxing and memory protections.

🌐 Internet-Facing: MEDIUM - Requires user interaction but can be delivered via web pages or email attachments.
🏢 Internal Only: MEDIUM - Similar risk profile internally, requires user interaction with malicious content.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction to open malicious file/visit malicious page. Often used in combination with other vulnerabilities for code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.1.1.381 and later

Vendor Advisory: https://www.tracker-software.com/support/security-bulletins.html

Restart Required: Yes

Instructions:

1. Download the latest version from tracker-software.com
2. Run the installer
3. Restart the system
4. Verify the version is 10.1.1.381 or higher

🔧 Temporary Workarounds

Disable EMF file processing (Windows)

Prevent PDF-XChange Editor from processing EMF files

Not applicable - configuration change in application settings

Application sandboxing (Windows)

Run PDF-XChange Editor in restricted environment

Not applicable - use Windows Sandbox or similar

🧯 If You Can't Patch

  • Restrict user permissions to prevent opening untrusted PDF files
  • Implement application whitelisting to block PDF-XChange Editor execution

🔍 How to Verify

Check if Vulnerable:

Check Help > About in PDF-XChange Editor for version number

Check Version:

Not applicable - check via GUI Help > About menu

Verify Fix Applied:

Verify version is 10.1.1.381 or higher in Help > About

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing EMF files
  • Unusual memory access patterns

Network Indicators:

  • Downloads of EMF files from untrusted sources
  • Malicious PDF file transfers

SIEM Query:

(EventID=1000 OR EventID=1001) AND ProcessName="PDFXEdit.exe" AND ExceptionCode=0xC0000005
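The crash filter above, applied to normalized event records with the two EventID alternatives grouped explicitly, then compared numerically against the fixed version 10.1.1.381. This is an added example, not part of the original advisory or any vendor tooling; the `Host` and `AppVersion` fields and all sample records are constructed assumptions.

```python
FIXED = (10, 1, 1, 381)  # patch version stated in the advisory

def parse_version(text):
    """Turn '10.1.0.380' into (10, 1, 0, 380) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in text.split("."))

def is_target_crash(ev):
    """Access violation (0xC0000005) in the PDF-XChange Editor process."""
    return (ev["ProcessName"].lower() == "pdfxedit.exe"
            and ev["ExceptionCode"].lower() == "0xc0000005")

def matches_query(ev):
    """Intended filter: (EventID 1000 OR 1001) AND process AND exception code."""
    return ev["EventID"] in (1000, 1001) and is_target_crash(ev)

def matches_ungrouped(ev):
    """Same terms without grouping, where AND binds tighter than OR:
    every EventID 1000 record matches, whatever the process."""
    return ev["EventID"] == 1000 or (ev["EventID"] == 1001 and is_target_crash(ev))

def triage(events):
    """Return (host, version, patch state) for each record the filter matches."""
    hits = []
    for ev in events:
        if matches_query(ev):
            old = parse_version(ev["AppVersion"]) < FIXED
            hits.append((ev["Host"], ev["AppVersion"], "unpatched" if old else "patched"))
    return hits

def record(host, event_id, process, code, version):
    return {"Host": host, "EventID": event_id, "ProcessName": process,
            "ExceptionCode": code, "AppVersion": version}

# Constructed sample records (hypothetical hosts and versions, not real telemetry).
EVENTS = [
    record("ws-01", 1000, "PDFXEdit.exe", "0xc0000005", "10.1.0.380"),
    record("ws-02", 1001, "PDFXEdit.exe", "0xC0000005", "10.1.1.381"),
    record("ws-03", 1000, "notepad.exe", "0xc0000005", "10.0.19041.1"),
    record("ws-04", 1000, "PDFXEdit.exe", "0xc0000409", "9.5.368.0"),
    record("ws-05", 1001, "pdfxedit.exe", "0xc0000005", "9.5.368.0"),
]

if __name__ == "__main__":
    for hit in triage(EVENTS):
        print(*hit)
    noisy = sum(matches_ungrouped(ev) for ev in EVENTS)
    print(f"ungrouped filter matched {noisy} of {len(EVENTS)} records")
```

A matching crash is only a lead for triage: an access violation in the editor does not by itself show that an EMF file was involved.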
