Vulnerability Details CVE-2025-0901
PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25372.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.0%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2025-0901
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:-
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.0.0.370
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.0.1.371
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.0.380
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.1.381
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.2.382
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.1.3.383
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.2.0.384
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.2.1.385
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.0.386
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.3.1.387
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:10.4.0.388
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:3.0.305.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:3.0.306.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:3.0.306.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:3.0.307.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:3.0.307.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:3.0.307.2
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:3.0.308.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.308.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.308.2
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.309.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.310.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.311.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.312.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.312.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.313.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.314.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.315.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.316.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:5.5.316.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.317.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.317.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.318.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.318.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.319.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.320.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.320.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.321.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.322.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.322.3
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.322.4
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.322.5
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.322.6
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:6.0.322.7
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.237.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.323.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.323.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.323.2
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.324.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.324.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.324.2
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.324.3
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.325.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.325.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.326
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.326.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.326.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.327.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.327.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.328.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.328.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:7.0.328.2
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.330.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.330.1
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.332.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.333.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.334.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.335.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.336.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.337.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.338.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.339.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.340.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.341.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.342.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:8.0.343.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.0.350.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.0.351.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.0.352.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.3
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.3.361.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.5.366.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.5.367.0
-
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:9.5.368.0