Home / Vulnerability Intelligence / CVE-2018-25217

CVE-2018-25217 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: March 26, 2026

PDF Explorer - Remote Code Execution

Published: March 26, 2026Updated: March 26, 2026

Overview

PDF Explorer 1.5.66.2 contains a buffer overflow vulnerability caused by improper handling of SEH records in the Custom fields settings dialog, letting local attackers execute arbitrary code by crafting malicious input in the Label field.

Severity & Score

Severity: High

CVSS Score: 8.4

Impact

Local attackers can execute arbitrary code, potentially gaining full control of the affected system.

Mitigation

Update to the latest version of PDF Explorer.

References

https://www.vulncheck.com/advisories/pdf-explorer-structured-exception-handler-local-code-execution
http://www.rttsoftware.com/
https://www.exploit-db.com/exploits/46016
https://www.rttsoftware.com/files/PDFExplorerTrialSetup.zip

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2018-25217
Severity: High
CVSS Score: 8.4
Type: buffer_overflow
Status: unconfirmed

CWE

CWE-787

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H