Microsoft Edge and ChakraCore Memory Corruption Vulnerability (CNVD-2018-18476)

Microsoft Edge is a web browser developed by Microsoft.ChakraCore is the core of an open-source JavaScript engine used in Edge, and can also be used as a standalone JavaScript engine. A memory corruption vulnerability exists in Microsoft Edge and ChakraCore. A remote attacker can exploit this...

PT-2018-1467 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: The issue is caused by a buffer overflow in the JavaScript engine of Internet Explorer, allowing a remote attacker to execute arbitrary code using a specially crafted web page or...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK for Node.js™

Summary Node.js vulnerabilities in Node.js and the V8 Javascript engine were disclosed on October 18 2016, by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-5180 DESCRIPTION: The V8 Javascript engine, as used in Google Chrome O...

Security Bulletin: Multiple Vulnerabilities in Current Release of IBM® SDK for Node.js™

Summary Multiple vulnerabilities in OpenSSL disclosed on August 6, 2014 by the OpenSSL Project, plus a vulnerability in the V8 JavaScript engine Vulnerability Details CVE-ID: CVE-2014-3512 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an internal buffer overrun. A remote...

Foxit PDF Reader JavaScript Engine Memory Misreference Vulnerability (CNVD-2018-15096)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A memory misreference vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.1.0.5096. An attacker could exploit this...

Foxit PDF Reader JavaScript Engine Memory Misreference Vulnerability (CNVD-2018-15095)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A memory misreference vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.1.5096. An attacker can exploit this vulnerability ...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

CVE-2018-3924

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-3939

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

CVE-2018-3924

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-3939

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

CVE-2018-3924

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-3924

CVE-2018-3924 describes a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine affecting Foxit PDF Reader version 9.1.5096 (and related Foxit offerings). The issue allows an attacker to trigger reuse of a previously freed memory object via a specially crafted PDF document, potenti...

CVE-2018-3939

CVE-2018-3939 is a use-after-free vulnerability in Foxit Software’s PDF Reader (version 9.1.0.5096) JavaScript engine. A specially crafted PDF can trigger reuse of a previously freed memory object, enabling arbitrary code execution. Exploitation requires user interaction (opening the malicious PD...

CVE-2018-3939

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

PT-2018-16331 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 9.1.0.5096 Description: A use-after-free issue in the JavaScript engine of Foxit Software's PDF Reader can be exploited, allowing arbitrary code execution when a specially crafted PDF document is opened. Th...

Foxit PhantomPDF 'JavaScript' Remote Code Execution Vulnerabilities - Windows

Foxit PhantomPDF is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft ChakraCore Remote Code Execution Vulnerability (CNVD-2018-15862)

Microsoft ChakraCore is the core of the JavaScript engine used by Edge, a web browser from Microsoft. A remote code execution vulnerability exists in Microsoft ChakraCore. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of the current user, corrupting...

CVE-2018-5188

Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 60, Thunderbird 52.9,...