Vulnerability Description
Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote attackers to execute arbitrary code via a long string in the (1) sub_path parameter to the StoreInRegistry function or (2) sub_key parameter to the InitFromRegistry function.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tracker-Software | Pdf-Xchange | 3.60.0128 |
Related Weaknesses (CWE)
References
- http://www.exploit-db.com/exploits/18427Exploit
- http://www.securityfocus.com/bid/51712Exploit
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5067.phpExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72774
- http://www.exploit-db.com/exploits/18427Exploit
- http://www.securityfocus.com/bid/51712Exploit
- http://www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5067.phpExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72774
FAQ
What is CVE-2012-5324?
CVE-2012-5324 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote attackers to execute arbitrary code via a long string in...
How severe is CVE-2012-5324?
CVE-2012-5324 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-5324?
Check the references section above for vendor advisories and patch information. Affected products include: Tracker-Software Pdf-Xchange.