Nitro.Pro.PDF.Pattern.Object.Integer.Overflow
Description
This indicates an attack attempt to exploit an Integer Overflow Vulnerability in Nitro PDF Nitro Pro.
This vulnerability is due to improper handling of BBox property in Pattern objects. A remote attacker could exploit this vulnerability by enticing a user to open a crafted PDF document. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application.
Affected Products
Nitro PDF Nitro Pro 13.9.1.155
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1013
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-08-18 | 15.907 | Sig Added |
2020-07-16 | 15.888 | Default_action:pass:drop |
2020-07-08 | 15.881 |