Foxit PDF Reader JavaScript this.bookmarkRoot.children remote code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...

PT-2018-16335 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 9.1.0.5096 Description: A use-after-free issue in the JavaScript engine allows for arbitrary code execution when a specially crafted PDF document is opened, causing a previously freed object in memory to be...

chromium-browser: Out of bounds write in V8

A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Google Chrome V8 International Components for Unicode Integer Overflow Vulnerability

Google Chrome is a web browser developed by Google.V8 is an open source JavaScript engine.International Components for Unicode ICU for C/C++ is a C/C++ library for Unicode support, software internationalization, and globalization. for C/C++. An integer overflow vulnerability exists in Google Chro...

UBUNTU-CVE-2017-15399

A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2017-15406

A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...

Microsoft Edge and ChakraCore Memory Corruption Vulnerability (CNVD-2018-18476)

Microsoft Edge is a web browser developed by Microsoft.ChakraCore is the core of an open-source JavaScript engine used in Edge, and can also be used as a standalone JavaScript engine. A memory corruption vulnerability exists in Microsoft Edge and ChakraCore. A remote attacker can exploit this...

PT-2018-1467 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer affected versions not specified Description: The issue is caused by a buffer overflow in the JavaScript engine of Internet Explorer, allowing a remote attacker to execute arbitrary code using a specially crafted web page or...

Security Bulletin: Multiple Vulnerabilities in Current Release of IBM® SDK for Node.js™

Summary Multiple vulnerabilities in OpenSSL disclosed on August 6, 2014 by the OpenSSL Project, plus a vulnerability in the V8 JavaScript engine Vulnerability Details CVE-ID: CVE-2014-3512 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an internal buffer overrun. A remote...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK for Node.js™

Summary Node.js vulnerabilities in Node.js and the V8 Javascript engine were disclosed on October 18 2016, by the Node.js Foundation. IBM SDK for Node.js has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-5180 DESCRIPTION: The V8 Javascript engine, as used in Google Chrome O...

Foxit PDF Reader JavaScript Engine Memory Misreference Vulnerability (CNVD-2018-15096)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A memory misreference vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.1.0.5096. An attacker could exploit this...

Foxit PDF Reader JavaScript Engine Memory Misreference Vulnerability (CNVD-2018-15095)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A memory misreference vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.1.5096. An attacker can exploit this vulnerability ...

CVE-2018-3939

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-3939

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

CVE-2018-3924

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-3924

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-3924

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...

CVE-2018-3939

CVE-2018-3939 is a use-after-free vulnerability in Foxit Software’s PDF Reader (version 9.1.0.5096) JavaScript engine. A specially crafted PDF can trigger reuse of a previously freed memory object, enabling arbitrary code execution. Exploitation requires user interaction (opening the malicious PD...