VIR Vulnerability Intelligence Relay

CVE-2013-3485

medium
Published 2013-08-30 · Modified 2026-04-29
CVSS v3
CVSS v2
6.9
VIR risk
6.9

Description

Multiple untrusted search path vulnerabilities in Soda PDF 5.1.183.10520 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) api-ms-win-core-localregistry-l1-1-0.dll file in the current working directory.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: PSIRT-CNA@flexerasoftware.com — http://secunia.com/advisories/53207

Application impact
VendorProductVersionsFixed
lulusoftwaresoda_pdf5.1.183.10520

References

Verify integrity in audit chain (admin only). AS-IS.