Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
双重释放
Vulnerability Title
Nitro Software Nitro Pro 资源管理错误漏洞
Vulnerability Description
Nitro Software Nitro Pro是美国Nitro Software公司的一款PDF文档编辑器软件。该软件支持PDF文档编辑、PDF文档格式转换和PDF文档加密等功能。 Nitro Pro PDF 存在资源管理错误漏洞,该漏洞源于产品未能正确控制文档的资源。攻击者可通过该漏洞利用特殊文件导致对超时对象的多次释放进而引发代码执行。
CVSS Information
N/A
Vulnerability Type
N/A