CNNVD-202512-4062 Information

CNNVD ID

CNNVD-202512-4062

Related CVE

CVE-2025-14407

• CNNVD Published: 2025-12-23

Description (Chinese)

Soda PDF Desktop是加拿大Soda公司的一个全功能PDF编辑软件。 Soda PDF Desktop存在缓冲区错误漏洞，该漏洞源于解析PDF文件时缺少对用户提供数据的验证，可能导致内存损坏和信息泄露。

Description (English)

Soda PDF Desktop is a full-purpose PDF editing software for Soda Canada. Soda PDF Desktop had an error loophole in the buffer zone, which stemmed from the lack of validation of the data provided by users when the PDF file was deciphered and could lead to memory damage and information leaks.

Hazard Level

Critical

Vulnerability Type

缓冲区错误

Affected Vendor

Soda

Published

2025-12-23

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-1080/