4446 matches found
CVE-2023-33866
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2023-27379
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2023-28744
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary...
Design/Logic Flaw
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2023-28744
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary...
CVE-2023-28744
Foxit CVE-2023-28744 is a use-after-free in the JavaScript engine of Foxit PDF Reader/Editor. A specially crafted PDF can trigger reuse of freed memory in forms, leading to memory corruption and arbitrary code execution. Exploitation requires user action (opening a malicious PDF) or, if the brows...
CVE-2023-27379
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2023-33866
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2023-33866
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2023-27379
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution...
CVE-2023-33866
CVE-2023-33866 corresponds to a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (affected version 12.1.2.15332). A crafted PDF can prematurely delete objects tied to pages, permitting reuse of freed memory and arbitrary code execution. Exploitation requires user action (openi...
CVE-2023-27379
CVE-2023-27379 affects Foxit PDF Reader, version 12.1.2.15332, with a use-after-free in the JavaScript engine caused by prematurely deleting objects on pages. This can allow arbitrary code execution when a user opens a crafted PDF or visits a crafted site with the browser plugin enabled. OpenVAS/...
PT-2023-3893 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 12.1.2.15332 Description: A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader. By prematurely deleting objects associated with pages, a specially crafted PDF document can...
Foxit PDF Reader < 12.1.3 Multiple Vulnerabilities
According to its version, the Foxit PDF Reader application previously named Foxit Reader installed on the remote Windows host is prior to 12.1.3. It is, therefore affected by multiple vulnerabilities: - A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in...
PT-2023-3892 · Foxit · Foxit Pdf Reader +1
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 12.1.1.15289 Foxit PDF Editor affected versions not specified Description: A use-after-free issue exists in the JavaScript engine, allowing an attacker to execute arbitrary code by manipulating form fields of a specif...
Foxit Reader Choice Field use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1739 Foxit Reader Choice Field use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-28744 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.1.15289. A specially crafted PDF document c...
Foxit Reader Field Calculate event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1756 Foxit Reader Field Calculate event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-27379 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...
PT-2023-3894 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 12.1.2.15332 Description: A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader. By prematurely deleting objects associated with pages, a specially crafted PDF document can...
Foxit Reader Field OnBlur event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-33866 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...
ChakraCore 缓冲区错误漏洞
ChakraCore is a chakra-core open source JavaScript engine with C API. ChakraCore has a security vulnerability that stems from a stack overflow vulnerability contained in the function Js::ScopeSlots::IsDebuggerScopeSlotArray...