Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.Referenceshttp://srcincite.io/advisories/src-2017-0005/https://www.exploit-db.com/exploits/42418/
