PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 漏洞信息(CVE-2025-0900)

一、漏洞 CVE-2025-0900 基础信息

美国国家漏洞数据库 NVD

漏洞标题

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

来源：美国国家漏洞数据库 NVD

漏洞描述信息

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-25368.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

跨界内存读

来源：美国国家漏洞数据库 NVD

二、漏洞 CVE-2025-0900 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2025-0900 的情报信息

https://www.zerodayinitiative.com/advisories/ZDI-25-086/ x_research-advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-0900

一、 漏洞 CVE-2025-0900 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2025-0900 的公开POC

三、漏洞 CVE-2025-0900 的情报信息

一、漏洞 CVE-2025-0900 基础信息