Описание
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \192.168.0.2\C$\file.pdf without user interaction.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.0.330.0 (исключая)
cpe:2.3:a:pdf-xchange:pdf-xchange_editor:*:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02302
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993). For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction.
EPSS
Процентиль: 84%
0.02302
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-522