4496 matches found
CVE-2018-3943
Foxit Reader/PhantomPDF CVE-2018-3943 is a use-after-free in Foxit’s PDF Reader JavaScript engine (Foxit Reader 9.1.0.5096). A crafted PDF can reuse a freed object, allowing arbitrary code execution. Exploitation requires user action (opening the malicious file); if a browser plugin extension is ...
CVE-2018-3958
CVE-2018-3958 is a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (Foxit PDF Reader, version 9.1.0.5096). The defect occurs when accessing the Subject property of the this.info object. Exploitation requires user interaction: convincing a user to open a malicious PDF file, or...
CVE-2018-3944
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...
CVE-2018-3943
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...
CVE-2018-3962
Foxit PDF Reader (version 9.1.0.5096) is affected by a use-after-free in the JavaScript engine when accessing CreationDate on this.info. The vulnerability can be triggered when a user opens a malicious PDF file, and, if the browser plugin extension is enabled, by visiting a malicious site. The do...
CVE-2018-3960
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A use-after-free condition can occur when accessing the Producer property of the this.info object. An attacker needs to trick the user to open the malicious file to trigger this...
PT-2018-16343 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.1.0.5096 Description: A use-after-free issue exists in the JavaScript engine. This can occur when accessing the Producer property of the this.info object. An attacker can trigger this issue by tricking a user into...
PT-2018-16340 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.1.0.5096 Description: A use-after-free issue exists in the JavaScript engine. This occurs when accessing the Keywords property of the this.info object. An attacker can exploit this by tricking a user into opening a...
PT-2018-16344 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.1.0.5096 Description: A use-after-free issue exists in the JavaScript engine. This can occur when accessing the Creator property of the this.info object. An attacker can trigger this issue by tricking a user into...
PT-2018-16341 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.1.0.5096 Description: A use-after-free issue exists in the JavaScript engine. This can occur when accessing the Subject property of the this.info object. An attacker can trigger this by tricking a user into opening ...
PT-2018-16345 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.1.0.5096 Description: A use-after-free issue exists in the JavaScript engine. This can occur when accessing the CreationDate property of the this.info object. An attacker can exploit this by tricking a user into...
PT-2018-16336 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 9.1.0.5096 Description: A use-after-free issue in the JavaScript engine of Foxit Software's PDF Reader can be exploited by opening a specially crafted PDF document, potentially leading to arbitrary code...
PT-2018-16342 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.1.0.5096 Description: A use-after-free issue exists in the JavaScript engine. This can occur when accessing the Author property of the this.info object. An attacker can trigger this by tricking a user into opening a...
Foxit PDF Reader JavaScript this.bookmarkRoot.children remote code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
Foxit PDF Reader Javascript Optional Content Group Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.2.0.9297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
PT-2018-16335 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 9.1.0.5096 Description: A use-after-free issue in the JavaScript engine allows for arbitrary code execution when a specially crafted PDF document is opened, causing a previously freed object in memory to be...
chromium-browser: Out of bounds write in V8
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Google Chrome V8 International Components for Unicode Integer Overflow Vulnerability
Google Chrome is a web browser developed by Google.V8 is an open source JavaScript engine.International Components for Unicode ICU for C/C++ is a C/C++ library for Unicode support, software internationalization, and globalization. for C/C++. An integer overflow vulnerability exists in Google Chro...
CVE-2017-15406
A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
UBUNTU-CVE-2017-15399
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...