Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Nitro PDF Pro before 13.70.8.82 and 14.x before 14.26.1.0 allows Local Privilege Escalation in the MSI Installer because custom actions occur unsafely in repair mode. CertUtil is run in a conhost.exe window, and there is a mechanism allowing CTRL+o to launch cmd.exe as NT AUTHORITY\SYSTEM.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nitro Software Nitro PDF Pro 权限许可和访问控制问题漏洞
Vulnerability Description
Nitro Software Nitro PDF Pro是美国Nitro Software公司的一个可以用于创建和编辑PDF文件的软件。 Nitro Software Nitro PDF Pro 13.70.7.60及之前版本和14.18.1.41及之前版本存在权限许可和访问控制问题漏洞,该漏洞源于MSI安装程序中,可能允许本地特权升级。
CVSS Information
N/A
Vulnerability Type
N/A