Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-7950Improper Input Validation in Nitro PRO

CWE-20Improper Input Validation4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 73.73%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Gonitro Nitro PRO
Timeline
PublishedJul 7
Latest updateMay 13

Description

Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

NVDgonitro/nitro_pro11.0.3

🔴Vulnerability Details

2
GHSA
GHSA-9f99-jv4j-478p: Nitro Pro 112022-05-13
CVEList
CVE-2017-7950: Nitro Pro 112017-07-07

💥Exploits & PoCs

1
Exploit-DB
Nitro Pro PDF - Multiple Vulnerabilities2017-07-24
CVE-2017-7950 — Improper Input Validation in Nitro PRO | cvebase