Arbitrary Code Execution Vulnerability in Tracker PDF-XChange Viewer and Viewer AX SDK
CVE-2018-6462 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document.
Learn more about our Web Application Penetration Testing UK.