Gonitro Nitro Pro vulnerabilities

CVE-2021-21796 [HIGH] CWE-416 CVE-2021-21796: An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object containing the path to a document to be destroyed and then later reused, resulting in a use-after-free vulnerability, which can lead to code execution under the context of the application. An attacker c

CVE-2021-21797 [HIGH] CWE-415 CVE-2021-21797: An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lead to code execution under the context of the application

CVE-2021-21798 [HIGH] CWE-562 CVE-2021-21798: An exploitable return of stack variable address vulnerability exists in the JavaScript implementatio An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code execution under the context of the application. An attacker can convince a

CVE-2018-18688 [MEDIUM] CWE-347 CVE-2018-18688: The Portable Document Format (PDF) specification does not provide any information regarding the conc The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user witho

CVE-2018-18689 [MEDIUM] CWE-347 CVE-2018-18689: The Portable Document Format (PDF) specification does not provide any information regarding the conc The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Fox

CVE-2020-6113 [HIGH] CWE-190 CVE-2020-6113: An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, In An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for the list of indirect objects. Due to an error when calcula

CVE-2020-6115 [HIGH] CWE-416 CVE-2020-6115: An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro So An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the object’s cross-reference table entry inside a stack variabl

CVE-2020-6116 [HIGH] CWE-680 CVE-2020-6116: An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, I An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocating space for its colors. When using this allocated buffer, the application can wri

CVE-2020-6112 [HIGH] CWE-823 CVE-2020-6112: An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes in the tile which allow for the decoder to write out of-bounds and cause memor

CVE-2020-6146 [HIGH] CWE-122 CVE-2020-6146: An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13 An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file and use it as a loop sentinel when writing data into the member of an object. Due to

CVE-2020-6074 [HIGH] CWE-416 CVE-2020-6074: An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A spec An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2020-6092 [HIGH] CWE-190 CVE-2020-6092: An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern ob An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file.

CVE-2020-6093 [MEDIUM] CWE-824 CVE-2020-6093: An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in information disclosure. In order to trigger this vulnerability, victim must open a malicious file.

CVE-2020-10222 [HIGH] CVE-2020-10222: npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_propert npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document.

CVE-2020-10223 [HIGH] CWE-787 CVE-2020-10223: npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corr npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.

CVE-2019-18958 [HIGH] CWE-732 CVE-2019-18958: Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the Nitro Pro before 13.2 creates a debug.log file in the directory where a .pdf file is located, if the .pdf document was produced by an OCR operation on the JPEG output of a scanner. Reportedly, this can have a security risk if debug.log is later edited and then executed.

CVE-2017-7442 [HIGH] CWE-22 CVE-2017-7442: Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL call Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.

CVE-2017-7950 [MEDIUM] CWE-20 CVE-2017-7950: Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file.