The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2018/Feb/74 | Exploit Mailing List Third Party Advisory |
https://www.exploit-db.com/exploits/44251/ | Exploit Third Party Advisory VDB Entry |
Configurations
Information
Published : 2018-02-28 09:29
Updated : 2018-03-23 09:02
NVD link : CVE-2018-7264
Mitre link : CVE-2018-7264
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
activepdf
- activepdf_toolkit