CVE-2013-3552
https://notcve.org/view.php?id=CVE-2013-3552
Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. Nitro Pro 7.5.0.29 y anteriores y Nitro Reader 2.5.0.45 y anteriores permite que atacantes remotos ejecuten código arbitrario mediante un archivo PDF manipulado. • https://docs.microsoft.com/en-us/security-updates/vulnerabilityresearchadvisories/2013/msvr13-006 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-3553
https://notcve.org/view.php?id=CVE-2013-3553
Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execute arbitrary code via a crafted PDF file. Nitro Pro 7.5.0.22 y anteriores y Nitro Reader 2.5.0.36 y anteriores permite que atacantes remotos ejecuten código arbitrario mediante un archivo PDF manipulado. • https://docs.microsoft.com/en-us/security-updates/vulnerabilityresearchadvisories/2013/msvr13-007 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-7442 – Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution
https://notcve.org/view.php?id=CVE-2017-7442
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences. Nitro Pro 11.0.3.173 permite que atacantes remotos ejecuten código arbitrario mediante las llamadas saveAs y launchURL con secuencias de salto de directorio. • https://www.exploit-db.com/exploits/42418 http://srcincite.io/advisories/src-2017-0005 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2017-7950 – Nitro Pro PDF - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2017-7950
Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file. Nitro Pro 11.0.3 y anteriores permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) mediante un archivo PCX manipulado. • https://www.exploit-db.com/exploits/44063 http://www.securityfocus.com/bid/99514 https://www.gonitro.com/support/downloads#securityUpdates • CWE-20: Improper Input Validation •