CNNVD-202512-4060 Information
Dec 23, 2025
cve
CNNVD ID
CNNVD-202512-4060
Related CVE
- CNNVD Published: 2025-12-23
Description (Chinese)
Soda PDF Desktop是加拿大Soda公司的一个全功能PDF编辑软件。 Soda PDF Desktop存在缓冲区错误漏洞,该漏洞源于解析PDF文件时缺少对用户提供数据的验证,可能导致越界写入和远程代码执行。
Description (English)
Soda PDF Desktop is a full-purpose PDF editing software for Soda Canada. Soda PDF Desktop has a buffer zone error loophole, which stems from the lack of validation of data provided by users when the PDF files are deciphered and may lead to cross-border writing and remote code execution.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
Soda
Published
2025-12-23
Last Modified
2026-02-24
References
https://www.zerodayinitiative.com/advisories/ZDI-25-1082/
Share on: