Описание
An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file.
Уязвимость компонента /Pattern приложения для чтения и редактирования PDF-файлов Nitro Pro, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3
7.8 High
CVSS3
6.8 Medium
CVSS2