The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NApple macOS
OSApplewszystkie wersjeAvanquest Expert Pdf Ultimate
APPAvanquest12.0.20Avanquest Pdf Experte Ultimate
APPAvanquest9.0.270Foxitsoftware Foxit Reader
APPFoxitsoftware9.1.09.2.09.2.0.92979.3.0.10826Gonitro Nitro Pro
APPGonitro11.0.3.173Gonitro Nitro Reader
APPGonitro5.5.9.2Iskysoft Pdf Editor 6
APPIskysoft6.4.2.35216.6.2.33156.7.6.3399Iskysoft Pdfelement6
APPIskysoft6.7.1.33556.7.6.33996.8.0.35236.8.4.3921Linux Kernel
OSLinuxwszystkie wersjeMicrosoft Windows
OSMicrosoftwszystkie wersjePdfforge Pdf Architect
APPPdfforge6.0.376.1.24.1862Pdf Xchange Editor
APPPdf-Xchange7.0.237.17.0.326Qoppa Pdf Studio
APPQoppa12.0.7Qoppa Pdf Studio Viewer 2018
APPQoppa2018.0.12018.2.0Sodapdf Soda Pdf
APPSodapdf9.3.17Sodapdf Soda Pdf Desktop
APPSodapdf10.2.0910.2.16.1217Soft Xpansion Perfect Pdf 10
APPSoft-Xpansion10.0.0.1Soft Xpansion Perfect Pdf Reader
APPSoft-Xpansion13.0.313.1.5Tracker Software Pdf Xchange Viewer
APPTracker-Software2.5Visagesoft Expert Pdf Reader
APPVisagesoft9.0.180
Related vulnerabilities
Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach