Vulnerabilities > CVE-2020-10223 - Out-of-bounds Write vulnerability in Gonitro Nitro PRO

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
PARTIAL
network
gonitro
CWE-787
NVD
Published: 2020-03-08
Updated: 2020-03-09

Summary

npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document.

Vulnerable Configurations

Part Description Count
Application
Gonitro
40

Common Weakness Enumeration (CWE)

References