Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc(). During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper functions. Because the freed memory region may contain unpredictable heap data or remnants of attacker-controlled JavaScript strings, downstream routines such as wcscmp() may process invalid or stale pointers. This can result in access violations and non-deterministic crashes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nitro PDF Pro 安全漏洞
Vulnerability Description
Nitro PDF Pro是美国Nitro公司的一个PDF编辑和管理工具。 Nitro PDF Pro for Windows 14.41.1.4版本存在安全漏洞,该漏洞源于this.mailDoc方法存在堆释放后重用,可能导致访问违规和非确定性崩溃。
CVSS Information
N/A
Vulnerability Type
N/A