CVE-2018-6462
NONE EPSS 82.8%
Published Jan 31, 20188y ago · Modified Jun 17, 20262w ago
Published Jan 31, 2018 8y ago
Last Modified Jun 17, 2026 2w ago
Description
Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document.
Threat Intelligence
EPSS Exploit Probability
82.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-787 Out-of-bounds Write Memory Safety
Affected Products 2
| Vendor | Product | Version | Range |
|---|---|---|---|
| tracker-software | pdf-xchange_viewer | * | <2.5.322.8 |
| tracker-software | viewer_ax_sdk | * | <2.5.322.8 |
References 2
- herolab.usd.de https://herolab.usd.de/wp-content/uploads/sites/4/2018/07/usd20180019.txt
- tracker-software.com https://www.tracker-software.com/company/news_press_events/view/179
Remediation
- tracker-software.com https://www.tracker-software.com/company/news_press_events/view/179