Nitro Pdf Pro Security Vulnerabilities and Issues — Nitro Pdf Pro CVE List

Lucene search

GonitroNitro Pdf Pro

4 matches found

CVE•added 2024/10/09 4:15 a.m.•61 views

CVE-2024-35288

Nitro PDF Pro before 13.70.8.82 and 14.x before 14.26.1.0 allows Local Privilege Escalation in the MSI Installer because custom actions occur unsafely in repair mode. CertUtil is run in a conhost.exe window, and there is a mechanism allowing CTRL+o to launch cmd.exe as NT AUTHORITY\SYSTEM.

7.8CVSS6.9AI score0.00061EPSS

CVE•added 2017/02/10 5:59 p.m.•52 views

CVE-2016-8709

A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability.

8.8CVSS7.7AI score0.00025EPSS

CVE•added 2017/02/10 5:59 p.m.•42 views

CVE-2016-8713

A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerabi...

8.8CVSS7.7AI score0.00025EPSS

CVE•added 2017/02/10 5:59 p.m.•40 views

CVE-2016-8711

A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific PDF file to trigger this vulnerability.

8.8CVSS8AI score0.00122EPSS