CVE-2020-6093
6.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in information disclosure. In order to trigger this vulnerability, victim must open a malicious file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Nitro Pro | Nitro Pro 13.9.1.155 | affected |
Weaknesses
- CWE-824: CWE-824: Access of Uninitialized Pointer
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.