FortiClient VulnerabilityLULU Soda PDF Desktop CVE-2018-18689 Signature Verification Bypass Vulnerability
Description
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Soda PDF Desktop.
Affected Applications
Soda PDF Desktop
CVE References
CVE-2018-18689Other References
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18689| ID | 2188 |
| Created | May 20, 2021 |
| Description Updated |
Oct 26, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | LULU Software |
| Patch | manual |
| Application | Soda PDF Desktop |