CVE-2018-18689
Description
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop.
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-3956,CVE-2018-18688,CVE-2018-18689 are fixed in Foxit PhantomPDF 8.3.9 | Windows |
| Vulnerabilities CVE-2018-3956,CVE-2018-18688,CVE-2018-18689 are fixed in Foxit Reader (9.4.1.16828) | Windows |
| Vulnerabilities CVE-2018-3956,CVE-2018-18688,CVE-2018-18689 are fixed in Foxit Reader (9.4.0) | Windows |
| Vulnerabilities CVE-2018-3956,CVE-2018-18688,CVE-2018-18689 are fixed in Foxit Reader Enterprise (9.4.1.16828) | Windows |
| Vulnerabilities CVE-2018-3956,CVE-2018-18688,CVE-2018-18689 are fixed in Foxit Reader Enterprise (9.4.0) | Windows |
| Vulnerabilities CVE-2018-3956,CVE-2018-18688,CVE-2018-18689 are fixed in Foxit PhantomPDF (9.4.0.16811) | Windows |
| Multiple Vulnerabilities are affected in Foxit Reader 9.3.0.10826 | Windows |
| Multiple Vulnerabilities are affected in Foxit Reader Enterprise 9.3.0.10826 | Windows |
| Vulnerabilities CVE-2017-13056,CVE-2018-18689 are affected in DF-XChange Viewer 2.5 | Windows |
| Multiple Vulnerabilities are affected in Foxit Reader Enterprise 9.1.0 | Windows |
| Vulnerabilities CVE-2018-18689 are affected in Foxit Reader Enterprise 9.2.0.9297 | Windows |
| Vulnerabilities CVE-2018-18689 are affected in PDF-XChange Editor (x64) 7.0.237.1 | Windows |
| Vulnerabilities CVE-2018-18689 are affected in PDF-XChange Editor (x64) 7.0.326 | Windows |
| Vulnerabilities CVE-2018-18689 are affected in PDF-XChange Editor 7.0.237.1 | Windows |
| Vulnerabilities CVE-2018-18689 are affected in PDF-XChange Editor 7.0.326 | Windows |
| Vulnerabilities CVE-2017-13056,CVE-2018-18689 are affected in PDF-XChange Viewer (x64) 2.5 | Windows |
| Multiple vulnerabilities are fixed in Foxit Reader (9.4.1.16828) | Windows |
| Multiple vulnerabilities are fixed in Foxit Reader Enterprise (9.4.1.16828) | Windows |
| Multiple vulnerabilities are fixed in Foxit Reader (9.4.0) | Windows |
| Multiple vulnerabilities are fixed in Foxit Reader Enterprise (9.4.0) | Windows |
| Vulnerabilities CVE-2018-18689 are affected in Soda PDF DeskTop 10.2.09 | Windows |
| Vulnerabilities CVE-2018-18689 are affected in Soda PDF DeskTop 10.2.16.1217 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-311625 | Foxit PhantomPDF 8 (8.3.12.47136) |
| PATCH-308917 | Foxit Reader (9.4.1.16828) |
| PATCH-308710 | Foxit Reader (9.4.0) |
| PATCH-308925 | Foxit Reader Enterprise (9.4.1.16828) |
| PATCH-308712 | Foxit Reader Enterprise (9.4.0) |
| PATCH-308755 | Foxit PhantomPDF (9.4.0.16811) |
| PATCH-341796 | Foxit Reader (2024.3.0.26795) |
| PATCH-341798 | Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise) |
| PATCH-308701 | PDF-XChange Viewer (2.5.322.10) |
| PATCH-341798 | Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise) |
| PATCH-341798 | Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise) |
| PATCH-334295 | PDF-XChange Editor (x64) (10.1.3.383) |
| PATCH-334295 | PDF-XChange Editor (x64) (10.1.3.383) |
| PATCH-334294 | PDF-XChange Editor (10.1.3.383) |
| PATCH-334294 | PDF-XChange Editor (10.1.3.383) |
| PATCH-308702 | PDF-XChange Viewer (x64) (2.5.322.10) |
| PATCH-347386 | Foxit Reader (2025.1.0.27937) |
| PATCH-347385 | Foxit PDF Reader (MSI) (2025.1.0.27937) |
| PATCH-347386 | Foxit Reader (2025.1.0.27937) |
| PATCH-347385 | Foxit PDF Reader (MSI) (2025.1.0.27937) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234