Nitro · Nitropdf · CVE-2019-5047
**Name of the Vulnerable Software and Affected Versions**
NitroPDF (affected versions not specified)
**Description**
The issue is related to a Use After Free vulnerability in the CharProcs parsing functionality. It can be triggered by a specially crafted PDF, causing a type confusion that results in a Use After Free. An attacker can exploit this by crafting a malicious PDF.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.