Nuance PDF Reader 7.0 and PDF Viewer Plus 7.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nuance | pdf_reader | 7.0 |
| nuance | pdf_reader_plus | 7.1 |
Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming table entries.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nuance | pdf_reader | 6.0 |
| nuance | pdf_reader | * |
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| qoppa | pdf_studio | 12.0.7 |
| iskysoft | pdfelement6 | 6.7.6.3399 |
| code-industry | master_pdf_editor | 5.1.12 |
| libreoffice | libreoffice | 6.1.0.3 |
| foxitsoftware | phantompdf | * |
| iskysoft | pdfelement6 | 6.8.4.3921 |
| foxitsoftware | phantompdf | 8.3.9 |
| nuance | power_pdf_standard | 3.0.0.17 |
| iskysoft | pdf_editor_6 | 6.6.2.3315 |
| iskysoft | pdfelement6 | 6.7.1.3355 |
| soft-xpansion | perfect_pdf_10 | 10.0.0.1 |
| libreoffice | libreoffice | 6.0.6.2 |
| iskysoft | pdf_editor_6 | 6.7.6.3399 |
| foxitsoftware | foxit_reader | 9.4 |
| soft-xpansion | perfect_pdf_reader | 13.0.3 |
| iskysoft | pdfelement6 | 6.8.0.3523 |
| qoppa | pdf_studio_viewer_2018 | 2018.2.0 |
| code-industry | master_pdf_editor | 5.1.24 |
| nuance | power_pdf_standard | 7.0 |
| nuance | power_pdf_standard | 3.0.0.30 |
| gonitro | nitro_reader | 5.5.9.2 |
| libreoffice | libreoffice | 6.1.3.2 |
| qoppa | pdf_studio_viewer_2018 | 2018.0.1 |
| soft-xpansion | perfect_pdf_reader | 13.1.5 |
| foxitsoftware | foxit_reader | 9.1.0 |
| gonitro | nitro_pro | 11.0.3.173 |
| code-industry | master_pdf_editor | 5.1.68 |
| iskysoft | pdf_editor_6 | 6.4.2.3521 |
| foxitsoftware | foxit_reader | 9.2.0 |
The exporter/Login.aspx login form in the Exporter in Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection that allows a remote, unauthenticated attacker to read the database (and execute code in some situations) via the txtPassword parameter.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| nuance | winscribe_dictation | 4.1.0.99 |