virus logo Intrusion Prevention

NitroPDF.Reader.Use.After.Free

description-logoDescription

This indicates an attack attempt against a Use-After-Free vulnerability in Nitro's NitroPDF Reader software.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted PDF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted PDF file.

affected-products-logoAffected Products

NitroPDF Reader all versions

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Since NitroPDF Reader has been discontinued, and is no longer supported by Nitro Software, there are no solutions for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-06-02 18.090 Name:NitroPDF.
Reader.
FG-VD-17-211.
Use.
After.
Free:NitroPDF.
Reader.
Use.
After.
Free
ID 45476
Created Jan 18, 2018
Updated Jun 02, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows
Affected App Other