CVE-2023-42087

5.5 MEDIUM

📋 TL;DR

This vulnerability in PDF-XChange Editor allows attackers to read memory beyond allocated bounds when processing malicious EMF files, potentially disclosing sensitive information. Users who open malicious PDF files or visit compromised websites are affected. The vulnerability requires user interaction but could be combined with other exploits for code execution.

💻 Affected Systems

Products:
  • PDF-XChange Editor
Versions: Prior to 10.1.2.382
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations with vulnerable versions are affected when processing EMF files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution in the context of the current user process.

🟠 Likely Case

Information disclosure through out-of-bounds memory reads, potentially exposing sensitive data from the application's memory space.

🟢 If Mitigated

Limited information disclosure with proper sandboxing and memory protection controls in place.

🌐 Internet-Facing: MEDIUM - Requires user interaction but can be delivered via web pages or email attachments.
🏢 Internal Only: MEDIUM - Similar risk profile internally if users open untrusted files.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction to open malicious file. Exploit would need to bypass ASLR/DEP for code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.1.2.382 and later

Vendor Advisory: https://www.tracker-software.com/support/security-bulletins.html

Restart Required: Yes

Instructions:

1. Open PDF-XChange Editor
2. Go to Help > Check for Updates
3. Follow prompts to update to version 10.1.2.382 or later
4. Restart the application

🔧 Temporary Workarounds

Disable EMF file processing (Windows)

Configure PDF-XChange Editor to not process EMF files or disable related features

Application sandboxing (Windows)

Run PDF-XChange Editor in a restricted/sandboxed environment

🧯 If You Can't Patch

  • Implement application whitelisting to prevent execution of untrusted PDF files
  • Use email/web filtering to block EMF files and suspicious PDF attachments

🔍 How to Verify

Check if Vulnerable:

Check PDF-XChange Editor version in Help > About. If version is below 10.1.2.382, system is vulnerable.

Check Version:

Not applicable - check via GUI in Help > About

Verify Fix Applied:

Verify version is 10.1.2.382 or higher in Help > About dialog.
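
For checking many hosts without opening the GUI, the following PowerShell sketch compares the installed version against the fixed build 10.1.2.382. It is an added example, not vendor tooling; it assumes the installer registers under the standard Windows Uninstall registry keys with a DisplayName containing "PDF-XChange Editor", and the function name is hypothetical.

```powershell
# Added example: flag PDF-XChange Editor installs older than the fixed build.
# Assumption: the product appears under the standard Uninstall keys with a
# DisplayName containing "PDF-XChange Editor"; adjust $NamePattern if it differs.
$FixedVersion = [version]'10.1.2.382'
$NamePattern  = '*PDF-XChange Editor*'

$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Hypothetical helper: classify a DisplayVersion string against the fixed build.
function Test-PdfXChangeVersion {
    param([string]$DisplayVersion)
    $parsed = $null
    # Missing or non-numeric version strings are reported, not guessed at.
    if (-not [version]::TryParse($DisplayVersion, [ref]$parsed)) { return 'Unknown' }
    if ($parsed -lt $FixedVersion) { 'Vulnerable' } else { 'Fixed' }
}

$found = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $NamePattern } |
    ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = Test-PdfXChangeVersion $_.DisplayVersion
        }
    }

if ($found) {
    $found
} else {
    Write-Output "No PDF-XChange Editor entry found on $env:COMPUTERNAME"
}
```

Entries reported as Unknown should be confirmed manually in Help > About.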

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing EMF files
  • Unusual memory access patterns in application logs

Network Indicators:

  • Downloads of EMF files or suspicious PDFs containing EMF content

SIEM Query:

(EventID=1000 OR EventID=1001) AND Source="PDF-XChange Editor" AND Keywords="Crash"
