PDF-XChange Viewer DLL Loading Vulnerability

Discussion in 'other security issues & news' started by MrBrian, Sep 4, 2010.

Thread Status:
Not open for further replies.
  1. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  2. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,238
    Location:
    USA
    FWIW, the following was posted in the Tracker Software Forum by "John" from Tracker Support:

    ...We have run all the suggested tests on both build 2.0050 and 2.0054 (the current latest release) of the PDF-XChange Viewer and concluded that whilst the initial tests suggest a potential flaw is possible - once the full tests are run - the results come back that the PDF-XChange Viewer is in fact not affected - on either build detailed.

    After further exhaustive testing - we do accept however that there is still some (almost inconceivably small) potential 'latitude' for an exploit to occur and we will be adding additional security code to fully block any potential for substitute dll's to be used from any location other than the required genuine DLL's.

    This build will be available (2.00.55) during the week beginning September 6th 2010 as part of our scheduled product update offering...
     
  3. PunchsucKr

    PunchsucKr Registered Member

    Joined:
    Jul 29, 2009
    Posts:
    123
    Good to know.
     
Loading...
Thread Status:
Not open for further replies.