NotCVE - vendor:"Gonitro" product:"Nitro Pro" version:"

Page 2 of 9 results (0.004 seconds)

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-3552

https://notcve.org/view.php?id=CVE-2013-3552

Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. Nitro Pro 7.5.0.29 y anteriores y Nitro Reader 2.5.0.45 y anteriores permite que atacantes remotos ejecuten código arbitrario mediante un archivo PDF manipulado. • https://docs.microsoft.com/en-us/security-updates/vulnerabilityresearchadvisories/2013/msvr13-006 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-3553

https://notcve.org/view.php?id=CVE-2013-3553

Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. Nitro Pro 7.5.0.22 y anteriores y Nitro Reader 2.5.0.36 y anteriores permite que atacantes remotos ejecuten código arbitrario mediante un archivo PDF manipulado. • https://docs.microsoft.com/en-us/security-updates/vulnerabilityresearchadvisories/2013/msvr13-007 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 96%CPEs: 1EXPL: 2

CVE-2017-7442 – Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution

https://notcve.org/view.php?id=CVE-2017-7442

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences. Nitro Pro 11.0.3.173 permite que atacantes remotos ejecuten código arbitrario mediante las llamadas saveAs y launchURL con secuencias de salto de directorio. • https://www.exploit-db.com/exploits/42418 http://srcincite.io/advisories/src-2017-0005 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2017-7950 – Nitro Pro PDF - Multiple Vulnerabilities

https://notcve.org/view.php?id=CVE-2017-7950

Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file. Nitro Pro 11.0.3 y anteriores permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) mediante un archivo PCX manipulado. • https://www.exploit-db.com/exploits/44063 http://www.securityfocus.com/bid/99514 https://www.gonitro.com/support/downloads#securityUpdates • CWE-20: Improper Input Validation •

1 2