CVE-2018-25217

High CVSS: 8.6

PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the Custom fields settings dialog processes the malicious input in the Label field.

Vendor

Rttsoftware

Product

Pdf Explorer

CWE

CWE-787

Yayın Tarihi

2026-03-26 14:16:05

Güncelleme

2026-03-27 18:16:39

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-787 Pdf Explorer HIGH Rttsoftware 2026

Referanslar

http://www.rttsoftware.com/ https://www.exploit-db.com/exploits/46016 https://www.rttsoftware.com/files/PDFExplorerTrialSetup.zip https://www.vulncheck.com/advisories/pdf-explorer-structured-exception-handler-local-code-execution