CVE-2020-6112

Name of the Vulnerable Software and Affected Versions Nitro Pro version 13.13.2.242

Description A code execution issue exists in the JPEG2000 Stripe Decoding functionality when decoding sub-samples. The application can miscalculate a pointer for the stripes in the tile, allowing the decoder to write out of bounds and cause memory corruption, potentially resulting in code execution. This can be triggered by a specially crafted image embedded inside a PDF.

Recommendations For Nitro Pro version 13.13.2.242, at the moment, there is no information about a newer version that contains a fix for this vulnerability.