Aleksandar Nikolic and Cory Duplantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Cisco Talos recently discovered two code execution vulnerabilities and an information disclosure flaw in Nitro Pro PDF reader. Nitro PDF allows users to save, read, sign and edit PDFs on their computers.

The software contains vulnerabilities that could allow adversaries to carry out a variety of actions.

In accordance with our coordinated disclosure policy, Cisco Talos worked with Nitro PDF to ensure that these issues are resolved and that an update is available for affected customers.

Vulnerability details

Nitro Pro PDF nested pages remote code execution vulnerability (TALOS-2020-0997/CVE-2020-6074)

An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

Nitro Pro PDF pattern object code execution vulnerability (TALOS-2020-1013/CVE-2020-6092)

An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. A victim must open a malicious file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

Nitro Pro PDF Javascript XML error handling information disclosure vulnerability (TALOS-2020-1014/CVE-2020-6093)

An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 handles XML errors. A specially crafted PDF document can cause uninitialized memory access, resulting in information disclosure. The victim must open a malicious file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

Versions tested

Talos tested and confirmed that Nitro Pro PDF, version 13.9.1.155, is affected by these vulnerabilities.

Coverage

The following SNORT® rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 53036, 53037, 53114, 53115, 53265, 53266
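
An added example, not part of the original Talos post: a Python check that reports whether each SID listed above is enabled, commented out, or absent in the text of a local Snort rules file. The sample rule lines are constructed placeholders rather than the actual Talos rule content, and the helper names `logical_lines` and `sid_coverage` are hypothetical.

```python
import re

# SIDs listed under "Snort Rules" in this post.
ADVISORY_SIDS = (53036, 53037, 53114, 53115, 53265, 53266)

ACTIONS = r"(?:alert|log|pass|drop|reject|sdrop|block)"
# A leading '#' marks a rule that is in the file but commented out (disabled).
RULE_RE = re.compile(rf"^\s*(?P<off>#\s*)?{ACTIONS}\s[^(]*\((?P<opts>.*)\)\s*$", re.S)
SID_RE = re.compile(r"(?:^|;)\s*sid\s*:\s*(\d+)\s*;")

# Constructed sample: headers and options are placeholders, not the real Talos rules.
SAMPLE_RULES = r'''
alert tcp any any -> any any (msg:"PLACEHOLDER rule A"; sid:53036; rev:1;)
# alert tcp any any -> any any (msg:"PLACEHOLDER rule B"; sid:53037; rev:1;)
alert tcp any any -> any any (msg:"PLACEHOLDER wrapped rule"; \
    sid:53114; rev:1;)
# alert tcp any any -> any any (msg:"PLACEHOLDER rule C"; sid:53265; rev:1;)
alert tcp any any -> any any (msg:"PLACEHOLDER unrelated"; sid:1000001; rev:1;)
'''


def logical_lines(text):
    """Join backslash-continued lines so a wrapped rule is parsed as one rule."""
    buf = ""
    for raw in text.splitlines():
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
        else:
            yield buf + raw
            buf = ""


def sid_coverage(rules_text, wanted=ADVISORY_SIDS):
    """Map each wanted SID to 'enabled', 'disabled' or 'missing'."""
    status = {sid: "missing" for sid in wanted}
    for line in logical_lines(rules_text):
        rule = RULE_RE.match(line)
        sid = SID_RE.search(rule.group("opts")) if rule else None
        key = int(sid.group(1)) if sid else None
        if key in status and rule.group("off") is None:
            status[key] = "enabled"  # an enabled copy wins over a commented-out duplicate
        elif key in status and status[key] == "missing":
            status[key] = "disabled"
    return status


if __name__ == "__main__":
    for sid, state in sid_coverage(SAMPLE_RULES).items():
        print(sid, state)
```

To audit a real sensor, pass the contents of its rules file to `sid_coverage` in place of `SAMPLE_RULES`; any SID reported as `disabled` or `missing` means the corresponding detection is not active there.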