PT-2018-17985 · Activepdf · Activepdf Toolkit
François Goichon
·
Publicado
2018-02-28
·
Atualizado
2018-03-23
·
CVE-2018-7264
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ActivePDF toolkit versions through 2018.1.0.18321
Description
The issue is related to the Pictview image processing library embedded in the ActivePDF toolkit, which is prone to multiple out of bounds write and sign errors. This allows a remote attacker to execute arbitrary code on vulnerable applications that use the ActivePDF Toolkit to process untrusted images.
Recommendations
For versions through 2018.1.0.18321, update to a version later than 2018.1.0.18321 to resolve the issue.
Exploit
Correção
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Activepdf Toolkit