2 matches found
CVE-2020-6115
An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the...
CVE-2020-6115
Nitro CVE-2020-6115 affects Nitro Pro (notably 13.13.2.242 and 13.16.2.300). The root cause is a use-after-free triggered by a cross-reference (xref) table repair when a crafted PDF omits an object referenced by a trailer-controlled xref. During parsing, Nitro may resize the cross-reference table...