Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes in the tile which allow for the decoder to write out of-bounds and cause memory corruption. This can result in code execution. A specially crafted image can be embedded inside a PDF and loaded by a victim in order to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
使用越界的指针偏移
Vulnerability Title
Nitro Software Nitro Pro 安全漏洞
Vulnerability Description
Nitro Software Nitro Pro是美国Nitro Software公司的一款PDF文档编辑器软件。该软件支持PDF文档编辑、PDF文档格式转换和PDF文档加密等功能。 Nitro Pro 13.13.2.242版本存在安全漏洞。该漏洞允许攻击者将特制的图像嵌入到PDF中,从而触发该漏洞。
CVSS Information
N/A
Vulnerability Type
N/A