Page 2 of 6 results (0.003 seconds)
CVSS: 8.8EPSS: 96%CPEs: 1EXPL: 2
CVSS: 8.8EPSS: 96%CPEs: 1EXPL: 2CVE-2017-7442 – Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution
https://notcve.org/view.php?id=CVE-2017-7442
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences. Nitro Pro 11.0.3.173 permite que atacantes remotos ejecuten código arbitrario mediante las llamadas saveAs y launchURL con secuencias de salto de directorio. • https://www.exploit-db.com/exploits/42418 http://srcincite.io/advisories/src-2017-0005 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •