18 matches found
CVE-2020-6074
Nitro Pro 13.9.1.155’s PDF parser is affected by a use-after-free in nested pages processing that can lead to heap corruption and potentially remote code execution. The vulnerability arises during PDF parsing when allocating per-page buffers, with a path that frees a page object but does not clea...
CVE-2020-6092
Nitro Pro 13.9.1.155 is affected by a code execution vulnerability tied to parsing of /Pattern objects in PDFs. The underlying issue is an integer overflow in the handling of the Pattern bounding box (/BBox), which can be triggered by crafted PDF patterns and may lead to arbitrary code execution....
CVE-2017-7442
Summary (CVE-2017-7442) : Nitro Pro PDF Reader (version 11.0.3.173) is affected by a remote code execution vulnerability triggered via the Javascript API (saveAs and launchURL) that uses directory traversal sequences. Connected advisories describe a remote exploitation vector: convincing a user t...
CVE-2020-6093
Nitro Pro 13.9.1.155 suffers an information-disclosure vulnerability in its XML error handling during PDF processing. A crafted PDF can trigger uninitialized memory access via NitroPDF’s Javascript error handling pathway (Spidermonkey integration), exposing sensitive heap data. Public writeups (T...
CVE-2020-10222
Nitro Pro’s npdf.dll (versions before 13.13.2.242) is affected by a heap memory corruption vulnerability triggered by a crafted PDF, at npdf!nitro::get_property+2381. Public sources describe the issue as a heap corruption flaw in Nitro Pro’s PDF handling; CVE-2020-10222 carries a high impact with...
CVE-2020-10223
Summary: CVE-2020-10223 affects Nitro Pro’s npdf.dll. The vulnerability is a JBIG2Decode CNxJBIG2DecodeStream heap corruption triggered by a crafted PDF document, impacting versions prior to Nitro Pro 13.13.2.242. The precise vulnerable component is NPDF code path npdf!CAPPDAnnotHandlerUtils::cre...
CVE-2018-18688
The CVE-2018-18688 entry describes a signature-validation bypass in PDF processing that arises because the PDF specification lacks concrete validation procedures for incremental savings. Affected products include Foxit Reader (pre-9.4), Foxit PhantomPDF (pre-8.3.9 and pre-9.4 for 9.x), and other ...
CVE-2018-18689
CVE-2018-18689 describes a Signature Wrapping issue in PDF signature validation caused by missing guidance in the PDF spec, allowing attackers to manipulate /ByteRange and xref without detection. The vulnerability affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4, as ...
CVE-2019-18958
Nitro Pro before 13.2 is affected. The issue arises when a PDF is produced by OCR on the JPEG output of a scanner, causing Nitro Pro to write a debug.log in the same directory as the PDF. Reportedly, if this debug.log is later edited and then executed, it can pose a security risk. Connected docum...
CVE-2020-6146
Nitro Pro 13.13.2.242 and 13.16.2.300 contain a heap-based buffer overflow in ICCBased color space stroke rendering. During page drawing, the code reads a length from the file and uses it as a loop sentinel to write into a static 0x248-byte buffer, allowing an attacker to overflow the heap when t...
CVE-2021-21797
CVE-2021-21797 is a double-free vulnerability in Nitro Pro PDF’s JavaScript runtime (TimeOutObject) that can enable code execution when a specially crafted document is opened. The Red Hat advisory and Talos writeups confirm exploitation via Nitro Pro PDF’s embedded JavaScript, describing a double...
CVE-2017-7950
CVE-2017-7950 affects Nitro Pro 11.0.3 and earlier. A crafted PCX file can cause an application crash (DoS) when Nitro Pro processes the file. Multiple sources (NVD/NV exploits) corroborate the DoS vector; some OpenVAS entries note related vulnerabilities in Nitro Pro. The public documents do not...
CVE-2021-21796
CVE-2021-21796 is an exploitable use-after-free in the Nitro Pro PDF JavaScript implementation. A specially crafted Nitro Pro PDF document can cause a destroyed object (local_file_path) to be reused, enabling code execution under the application context. The vulnerability chain involves: (1) app....
CVE-2020-6113
Nitro Pro ( Nitro Pro 13.13.2.242; and affected builds per TALOS include 13.16.2.300) contains an exploitable vulnerability in object stream parsing during cross-reference table updates. The root cause is an integer overflow when computing memory size for the list of indirect objects, which can a...
CVE-2020-6116
Nitro Pro 13.13.2.242 is affected by an Indexed ColorSpace rendering vulnerability (CVE-2020-6116). The root cause is an integer overflow when computing the indexed palette size for colors in an Indexed colorspace, leading to an undersized malloc and a heap-based buffer overflow during palette po...
CVE-2020-6112
Summary: CVE-2020-6112 is a memory corruption/remote code execution risk in Nitro Pro’s JPEG2000 Stripe Decoding (JPXDecode) path. The root cause is a miscalculation of a pointer while decoding sub-samples in a tile, enabling writes out of bounds to a buffer allocated for stripe decoding. This ca...
CVE-2020-6115
Nitro CVE-2020-6115 affects Nitro Pro (notably 13.13.2.242 and 13.16.2.300). The root cause is a use-after-free triggered by a cross-reference (xref) table repair when a crafted PDF omits an object referenced by a trailer-controlled xref. During parsing, Nitro may resize the cross-reference table...
CVE-2021-21798
CVE-2021-21798 affects Nitro Pro PDF through its JavaScript engine (np_java_script.dll/js32u.dll). A stack variable address return in the Document JavaScript bindings (notably Document.flattenPages) can cause a use-after-free on a JSStackFrame when an exception is raised, allowing code execution ...