CVE-2020-6146: Heap-based Buffer Overflow in Nitro PRO

Severity: 8.8 HIGH (NVD)
EPSS: 0.5% (top 33.86%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Sep 16
Latest update: May 24

Description

An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file and use it as a loop sentinel when writing data into the member of an object. Due to the object member being a buffer of a static size allocated on the heap, this can result in a heap-based buffer overflow. A specially crafted do

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (2 packages)

CVEListV5 | gonitro/nitro_pro | Nitro Pro 13.13.2.242, Nitro Pro 13.16.2.300
NVD | gonitro/nitro_pro | 13.13.2.242, 13.16.2.300 +1

🔴 Vulnerability Details (2)

GHSA | GHSA-vqh2-672q-h5xp: An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13 | 2022-05-24
CVEList | CVE-2020-6146: An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13 | 2020-09-16

💥 Exploits & PoCs (1)

Exploit-DB | MiladWorkShop VIP System 1.0 - 'lang' SQL Injection | 2020-03-16
CVE-2020-6146 — Heap-based Buffer Overflow in Nitro PRO | cvebase