PT-2020-11980 · Nitro · Nitro Pro

Published

2020-03-08

Updated

2021-07-21

CVE-2020-10222

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Nitro Pro versions prior to 13.13.2.242

Description The issue is related to a Heap Corruption problem that can be triggered by a crafted PDF document. This corruption occurs at the npdf!nitro::get property+2381 location within the npdf.dll component of Nitro Pro.

Recommendations For versions prior to 13.13.2.242, update to version 13.13.2.242 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-10222

Affected Products

Nitro Pro

PT-2020-11980 · Nitro · Nitro Pro

CVE-2020-10222

Related Identifiers

Affected Products

References · 4