| Severity | High |
| Patch available | NO |
| Number of vulnerabilities | 6 |
| CVE ID | CVE-2019-5050 CVE-2019-5045 CVE-2019-5046 CVE-2019-5048 CVE-2019-5047 CVE-2019-5053 |
| CWE ID | CWE-122 CWE-416 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
NitroPDF Client/Desktop applications / Office applications |
| Vendor | Nitro Software, Inc. |
Severity: High
CVSSv3: 8.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]
CVE-ID: CVE-2019-5050
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the "Page", "Kids" objects due to a boundary error when processing PDF files. A remote attacker can send a specially crafted PDF file, when opened by a victim, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsNitroPDF: 12.12.1.522
CPE External linkshttps://talosintelligence.com/vulnerability_reports/TALOS-2019-0819
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
Severity: High
CVSSv3: 8.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]
CVE-ID: CVE-2019-5045
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the PDF parsing functionality due to a boundary error when processing jpeg2000 files with an unusually large "ssizDepth" value in "siz" block of the code stream embedded in a PDF file. A remote attacker can send a specially crafted jpeg2000 file, when opened by a victim, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsNitroPDF: 12.12.1.522
CPE External linkshttps://talosintelligence.com/vulnerability_reports/TALOS-2019-0814
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
Severity: High
CVSSv3: 8.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]
CVE-ID: CVE-2019-5046
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing jpeg2000 files with an unusually large "xSiz" and "yTsiz". A remote attacker can send a specially crafted jpeg2000 file, when opened by a victim, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsNitroPDF: 12.12.1.522
CPE External linkshttps://talosintelligence.com/vulnerability_reports/TALOS-2019-0815
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
Severity: High
CVSSv3: 8.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]
CVE-ID: CVE-2019-5048
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the "ICCBased" color space object due to a boundary error when processing PDF files. A remote attacker can send a specially crafted PDF file, when opened by a victim, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsNitroPDF: 12.12.1.522
CPE External linkshttps://talosintelligence.com/vulnerability_reports/TALOS-2019-0817
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
Severity: Medium
CVSSv3: 6.9 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]
CVE-ID: CVE-2019-5047
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in the "CharProcs" parsing functionality. A remote attacker can send a specially crafted PDF, cause a type confusion, resulting in a Use After Free and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsNitroPDF: 12.12.1.522
CPE External linkshttps://talosintelligence.com/vulnerability_reports/TALOS-2019-0816
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
Severity: Medium
CVSSv3: 6.9 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]
CVE-ID: CVE-2019-5053
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in the Length parsing function. A remote attacker can send a specially crafted PDF and cause a type confusion, resulting in a use-after-free condition.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsNitroPDF: 12.12.1.522
CPE External linkshttps://talosintelligence.com/vulnerability_reports/TALOS-2019-0830
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open an attachment in an e-mail message.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.