Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2023-42127
7.8HIGH
What is CVE-2023-42127?
The vulnerability within Kofax Power PDF is related to its handling of PDF file parsing. Specifically, the flaw arises due to insufficient validation of user-supplied input, which can lead to an out-of-bounds write condition. This issue enables remote attackers to execute arbitrary code when a user interacts with a malicious PDF file or visits a harmful webpage. The nature of this vulnerability requires user engagement for exploitation, proving a potential risk for those using affected installations without timely updates.
Affected Version(s)
Power PDF 5.0.0.57 (5.0.0.10)