virus logo FortiClient Vulnerability

Nitro Pro CVE-2021-21797 Denial of Service Vulnerability

description-logoDescription

An exploitable double-free vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a reference to a timeout object to be stored in two different places. When closed, the document will result in the reference being released twice. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger this vulnerability.

affected-products-logoAffected Applications

Nitro Pro

CVE References

CVE-2021-21797

Other References

https://www.gonitro.com/security/updates
ID 71080
Created Feb 15, 2022
Description
Updated		 Dec 15, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Nitro
Patch manual
Application Nitro Pro