4335 matches found
CVE-2019-5145
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open t...
CVE-2019-5130
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...
CVE-2019-5130
CVE-2019-5130 is a use-after-free vulnerability in Foxit PDF Reader (JavaScript engine). Multiple connected sources (Talos: Foxit PDF Reader 9.7.0.29435; Red Hat/NVD: same code path) describe that a crafted PDF can trigger a freed object to be reused, enabling arbitrary code execution. The vulner...
CVE-2019-5130
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...
CVE-2019-5126
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open t...
CVE-2019-5131
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick t...
CVE-2019-5131
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick t...
CVE-2019-5131
Foxit PDF Reader (Foxit Reader) is affected by a use-after-free vulnerability in the JavaScript engine for version 9.7.0.29435 (and possibly earlier per advisories). A specially crafted PDF can trigger reuse of a previously freed object, enabling arbitrary code execution. Exploitation requires th...
KLA11648 Multiple vulnerabilities in Foxit PDF Reader
A multiple use-after-free vulnerabilities in the JavaScript engine can be exploited by a specially crafted PDF document to execute arbitrary code. Original advisories Foxit Security Bulletins Related products Foxit-Reader Foxit-Phantom-PDF Foxit-Reader-Enterprise CVE list CVE-2019-5130 high...
Foxit PDF Reader Javascript Field Action Validate Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...
CVE-2011-2670
Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets...
CVE-2019-17017
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR 68.4 and Firefox 72...
CVE-2019-17025
Mozilla developers reported memory safety bugs present in Firefox 71. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 72...
CVE-2019-17018
When in Private Browsing Mode on Windows 10, the Windows keyboard may retain word suggestions to improve the accuracy of the keyboard. This vulnerability affects Firefox 72...
CVE-2019-17015
During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR...
Mozilla Updates Firefox Browser: Zero-Day Bug Patched, Fingerprinting Nixed
UPDATE Mozilla patched a critical vulnerability actively being exploited in the wild with its latest update to the Firefox browser. Mozilla said in a security bulletin Wednesday that it was “aware of targeted attacks in the wild that were abusing the flaw. A successful attack “could make it...
chromium-browser: Out of bounds write in V8
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Type Confusion in V8
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
chromium-browser: Type Confusion in V8
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2013-1689
Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service crash, related to event handling with frames...