CVE-2017-7950

MEDIUM

Nitro Pro < 11.0.3 - Denial of Service via Crafted PCX File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-7950. PoCs published by SecuriTeam.

AI-analyzed exploit summary The provided code is a functional proof-of-concept exploit for CVE-2017-7950, demonstrating two vulnerabilities in Nitro PDF: a directory traversal arbitrary file write via `Doc.saveAs` and a command execution via `App.launchURL`. The exploit leverages JavaScript embedded in a PDF to achieve remote code execution.

Description

Nitro Pro 11.0.3 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted PCX file.

Exploits (1)

exploitdb WORKING POC

by SecuriTeam · localwindows

https://www.exploit-db.com/exploits/44063

View Code ZIP pw:eip

The provided code is a functional proof-of-concept exploit for CVE-2017-7950, demonstrating two vulnerabilities in Nitro PDF: a directory traversal arbitrary file write via `Doc.saveAs` and a command execution via `App.launchURL`. The exploit leverages JavaScript embedded in a PDF to achieve remote code execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Nitro PDF / Nitro Pro PDF (versions prior to 11.05)

No auth needed

Prerequisites: Victim must open the malicious PDF file

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1204 - User Execution T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_confirm

https://www.gonitro.com/support/downloads#securityUpdates

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/99514

Scores

CVSS v3 5.5

EPSS 0.0249

EPSS Percentile 82.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-20

Status published

Products (1)

gonitro/nitro_pro < 11.0.3

Published Jul 07, 2017

Tracked Since Feb 18, 2026