Vulnerabilities > CVE-2018-6462 - Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Viewer and Viewer AX SDK

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document.

Vulnerable Configurations

Part Description Count
Application
Tracker-Software
108

Common Weakness Enumeration (CWE)