cbcvebase.
CVE-2020-6113
published 2020-09-17

CVE-2020-6113: An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its…

PriorityP356high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
68.62%
99.3th percentile
An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for the list of indirect objects. Due to an error when calculating this size, an integer overflow may occur which can result in an undersized buffer being allocated. Later when initializing this buffer, the application can write outside its bounds which can cause a memory corruption that can lead to code execution. A specially crafted document can be delivered to a victim in order to trigger this vulnerability.

Affected

3 ranges
VendorProductVersion rangeFixed in
gonitronitro_pro
gonitronitro_pro
gonitronitro_pro

Detection & IOCsextracted from sources · hover to see the quote

snort
53114
snort
53115
snort
53948
snort
53949
snort
53990
snort
53991
snort
53992
snort
53993
snort
54010
snort
54011
snort
54047
snort
54048
  • CVE-2020-6113 is triggered via a specially crafted PDF document exploiting integer overflow in object stream parsing during cross-reference table update; delivery is via document to a victim — monitor for malformed PDF object streams with anomalous indirect object counts.
  • Exploit delivery vector is a specially crafted PDF document sent to a victim; inspect PDF files for malformed object streams targeting Nitro Pro 13.13.2.242.
  • ·Snort rules listed cover all Nitro Pro vulnerabilities in the advisory (CVE-2020-6112, CVE-2020-6113, CVE-2020-6115, CVE-2020-6116, CVE-2020-6146); rules specific to CVE-2020-6113 alone are not individually identified in the source.
  • ·Additional Snort rules may be released at a future date and current rules are subject to change; consult Firepower Management Center or Snort.org for the most current rule information.

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.