Nitro Pro is software that provides features to create, edit and convert PDF files or share PDF files standard. For the most current rule information, please refer to your Firepower Management Center or Nitro Pro 13 - Software provides features to create, edit and convert PDF files or share PDF files standard Nitro Pro: Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 5727. In addition to applying the patches, these vulnerabilities can also be mitigated if users disable the use of JavaScript in the software’s settings. Talos tested and confirmed these versions of the PDF reader could be exploited by this vulnerability. Users are encouraged to update these affected products as soon as possible: Nitro Pro versions 13.31.0.605 and 13.33.2.645. Cisco Talos worked with Nitro to ensure that these issues are resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy. TALOS-2021-1267 (CVE-2021-21798) is a use-after-free vulnerability that can be triggered if a target opens a specially crafted, malicious PDF. It includes support for several capabilities via third-party libraries to parse the PDFs. Pro PDF allows users to create and modify PDFs and other digital documents. Nitro Pro PDF is part of Nitro Software’s Productivity Suite. A Cisco Talos team member discovered these vulnerabilities.Ĭisco Talos recently discovered a vulnerability in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |