virus logo FortiClient Vulnerability

Nitro Pro CVE-2021-21796 Use After Free Vulnerability

description-logoDescription

An exploitable use-after-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause an object containing the path to a document to be destroyed and then later reused, resulting in a use-after-free vulnerability, which can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability.

affected-products-logoAffected Applications

Nitro Pro

CVE References

CVE-2021-21796

Other References

https://www.gonitro.com/security/updates
ID 71079
Created Feb 15, 2022
Description
Updated		 Dec 15, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Nitro
Patch manual
Application Nitro Pro