NitroPDF 12.12.1.522 Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability

Summary

NitroPDF 12.12.1.522 suffers from improper restriction of operations within the bounds of a memory buffer vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0819


Details

A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file.

Vulnerable Systems:

NitroPDF 12.12.1.522  

CVE Information:

CVE-2019-5050 

Disclosure Timeline:
Published Date:10/09/2019