Due to the object member being a buffer of a static size allocated on the heap, this can result in a heap-based buffer overflow. When drawing the contents of a page and selecting the stroke color from an "ICCBased" colorspace, the application will read a length from the file and use it as a loop sentinel when writing data into the member of an object. Nitro Pro PDF ICCBased ColorSpace stroke color code execution vulnerability (TALOS-2020-1084/CVE-2020-6146)Īn exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. Read the complete vulnerability advisory here for additional information. A specially crafted document must be loaded by a victim in order to trigger this vulnerability. When using this allocated buffer, the application can write outside its bounds and cause memory corruption which can lead to code execution. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocating space for its colors. Nitro Pro Indexed ColorSpace rendering code execution vulnerability (TALOS-2020-1070/CVE-2020-6116)Īn arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.'s Nitro Pro 13.13.2.242. In accordance with our coordinated disclosure policy, Cisco Talos worked with Nitro Pro to ensure that these issues are resolved and that an update is available for affected customers. The software contains vulnerabilities that could allow adversaries to exploit a victim machine in multiple ways that would eventually allow them to execute code. Nitro PDF allows users to save, read, sign and edit PDFs on their computers. Blog by Jon Munshaw.Ĭisco Talos recently discovered multiple code execution vulnerabilities in the Nitro Pro PDF reader. Cisco Talos researchers discovered these vulnerabilities.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |