CVE-2020-10223

Name of the Vulnerable Software and Affected Versions Nitro Pro versions prior to 13.13.2.242

Description The issue is related to a heap corruption problem in the JBIG2Decode CNxJBIG2DecodeStream function, which can be triggered by a crafted PDF document. This corruption occurs at the create popup for markup function.

Recommendations For versions prior to 13.13.2.242, update to version 13.13.2.242 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted PDF documents that could trigger the JBIG2Decode CNxJBIG2DecodeStream Heap Corruption until a patch is applied.