Vulnerabilities > CVE-2018-7264 - Out-of-bounds Write vulnerability in Activepdf Toolkit
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions. CVE-2018-7264. Dos exploit for Windows platform |
| file | exploits/windows/dos/44251.txt |
| id | EDB-ID:44251 |
| last seen | 2018-05-24 |
| modified | 2018-03-05 |
| platform | windows |
| port | |
| published | 2018-03-05 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/44251/ |
| title | ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions |
| type | dos |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/146599/activepdftoolkit-exec.txt |
| id | PACKETSTORM:146599 |
| last seen | 2018-03-01 |
| published | 2018-02-27 |
| reporter | Francois Goichon |
| source | https://packetstormsecurity.com/files/146599/ActivePDF-Toolkit-Code-Execution.html |
| title | ActivePDF Toolkit Code Execution |