CVE-2018-25217

EUVD-2018-21692
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the Custom fields settings dialog processes the malicious input in the Label field.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VulnCheckCNA
8.4 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
rttsoftwarepdf_explorer
1.5.66.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.rttsoftware.com/
https://www.exploit-db.com/exploits/46016
https://www.rttsoftware.com/files/PDFExplorerTrialSetup.zip
https://www.vulncheck.com/advisories/pdf-explorer-structured-exception-handler-local-code-execution