CVSS: 8.8EPSS: 6%CPEs: 2EXPL: 1CVE-2020-6113
https://notcve.org/view.php?id=CVE-2020-6113
An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for the list of indirect objects. Due to an error when calculating this size, an integer overflow may occur which can result in an undersized buffer being allocated. Later when initializing this buffer, the application can write outside its bounds which can cause a memory corruption that can lead to code execution. A specially crafted document can be delivered to a victim in order to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1063 • CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-6112
https://notcve.org/view.php?id=CVE-2020-6112
An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes in the tile which allow for the decoder to write out of-bounds and cause memory corruption. This can result in code execution. A specially crafted image can be embedded inside a PDF and loaded by a victim in order to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad JPEG2000 Stripe Decoding de Nitro Pro de Nitro Software, Inc versión 13.13.2.242 cuando se decodifican las submuestras. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1062 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2020-6115
https://notcve.org/view.php?id=CVE-2020-6115
An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save a reference to the object’s cross-reference table entry inside a stack variable. If the referenced object identifier is not found, the application may resize the cross-reference table which can change the scope of its entry. Later when the application tries to reference cross-reference entry via the stack variable, the application will access memory belonging to the recently freed table causing a use-after-free condition. A specially crafted document can be delivered by an attacker and loaded by a victim in order to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1068 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 5%CPEs: 2EXPL: 1CVE-2020-6116
https://notcve.org/view.php?id=CVE-2020-6116
An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocating space for its colors. When using this allocated buffer, the application can write outside its bounds and cause memory corruption which can lead to code execution. A specially crafted document must be loaded by a victim in order to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código arbitraria en la funcionalidad de renderizado de Nitro Pro de Nitro Software, Inc versión 13.13.2.242. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1070 • CWE-131: Incorrect Calculation of Buffer Size CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 1CVE-2020-6146
https://notcve.org/view.php?id=CVE-2020-6146
An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file and use it as a loop sentinel when writing data into the member of an object. Due to the object member being a buffer of a static size allocated on the heap, this can result in a heap-based buffer overflow. A specially crafted document must be loaded by a victim in order to trigger this vulnerability. Se presenta una vulnerabilidad de ejecución de código explotable en la funcionalidad de renderizado de Nitro Pro versiones 13.13.2.242 y 13.16.2.300. • https://talosintelligence.com/vulnerability_reports/TALOS-2020-1084 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •