CVE-2020-6092

Summary

An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file.

Affected Software

VendorProductVersion RangeStatus
n/aNitro ProNitro Pro 13.9.1.155affected

Weaknesses

  • CWE-190: CWE-190: Integer Overflow or Wraparound

ADP Enrichment

CVE Program Container

Additional References

References