CVE-2018-3924

CVE-2018-3924 describes a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine affecting Foxit PDF Reader version 9.1.5096 (and related Foxit offerings). The issue allows an attacker to trigger reuse of a previously freed memory object via a specially crafted PDF document, potenti...

CVE-2018-3939

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

PT-2018-16331 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit Software's PDF Reader version 9.1.0.5096 Description: A use-after-free issue in the JavaScript engine of Foxit Software's PDF Reader can be exploited, allowing arbitrary code execution when a specially crafted PDF document is opened. Th...

Foxit PhantomPDF 'JavaScript' Remote Code Execution Vulnerabilities - Windows

Foxit PhantomPDF is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft ChakraCore Remote Code Execution Vulnerability (CNVD-2018-15862)

Microsoft ChakraCore is the core of the JavaScript engine used by Edge, a web browser from Microsoft. A remote code execution vulnerability exists in Microsoft ChakraCore. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of the current user, corrupting...

CVE-2018-5188

Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 60, Thunderbird 52.9,...

chromium-browser: Out of bounds write in V8

Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Google Chrome Out-of-Bounds Memory Write Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. v8 is one of the open source JavaScript engine. A security vulnerability exists in V8 in versions of Google Chrome prior to 67.0.3396.87. The vulnerability can be exploited by an attacker to perform a write operatio...

Google Chrome out-of-bounds memory access vulnerability (CNVD-2018-11486)

Google Chrome is the United States Google Google company developed a Web browser. v8 is one of the open source JavaScript engine. A security vulnerability exists in V8 in versions of Google Chrome prior to 67.0.3396.62. A remote attacker can exploit this vulnerability by tricking a user into...

CVE-2018-3853

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the us...

CVE-2018-3853

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the us...

CVE-2018-3853

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the us...

CVE-2018-3853

CVE-2018-3853 is an exploitable use-after-free in Foxit PDF Reader’s JavaScript engine (version 9.0.1.1049). A specially crafted PDF can trigger reuse of a previously freed object, enabling arbitrary code execution. An attacker must entice the user to open the malicious PDF to trigger the flaw; i...

PT-2018-16247 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.0.1.1049 Description: A use-after-free issue in the JavaScript engine of Foxit PDF Reader can be exploited by opening a specially crafted PDF document, potentially leading to arbitrary code execution. An attacker mu...

chromium-browser: Type confusion in V8

Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

USN-3635-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

CVE-2017-14458

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick th...

CVE-2018-3850

An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

CVE-2017-14458

CVE-2017-14458 affects Foxit PDF Reader/Engine, notably Foxit PDF Reader 8.3.2.25013. The vulnerability is a use-after-free in the JavaScript engine that can be triggered by a crafted PDF, causing the previously freed object to be reused and allowing arbitrary code execution. Exploitation require...