CVE-2019-5048 Vulnerability Details

  /     /     /  

CVE-2019-5048 Metadata Quick Info

CVE Published: 09/10/2019 | CVE Updated: 04/08/2024 | CVE Year: 2019
Source: talos | Vendor: n/a | Product: NitroPDF
Status : PUBLISHED

---

CVE-2019-5048 Description

A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-122
CWE Name: CWE-122: Heap-based Buffer Overflow
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).