Vulnerabilities > CVE-2020-10223 - Out-of-bounds Write vulnerability in Gonitro Nitro PRO

047910
CVSS 8.1 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
gonitro
CWE-787
NVD
Published: 2020-03-08
Updated: 2020-03-09

Summary

npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.

Vulnerable Configurations

Part Description Count
Application
Gonitro
40

Common Weakness Enumeration (CWE)

References