CVE-2017-16420

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

CVE-2017-16398

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript engine. The...

CVE-2017-16389

Technical details for CVE-2017-16389 are not publicly provided in the supplied documents. Monitor for updates.

CVE-2017-16389

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript engine. The...

chromium-browser: type confusion in webassembly

Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Arbitrary Code Execution

Overview math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution. Recommendation Update to version 3.17.0 or later. References -...

Typed-function JavaScript Engine Arbitrary Code Execution Vulnerability

typed-function is a tool for detecting errors in JavaScript functions. JavaScript engine is one of the JavaScript engines. An arbitrary code execution vulnerability exists in JavaScript engine in versions of typed-function prior to 0.10.6. An attacker can exploit this vulnerability to execute...

Math.js JavaScript Engine Arbitrary Code Execution Vulnerability

Math.js is a math library for JavaScript and Node.js , it supports symbolic computation , a large number of built-in functions and constants . JavaScript engine is one of the JavaScript engine . An arbitrary code execution vulnerability exists in the JavaScript engine in versions of Math.js prior...

CVE-2017-1001004

typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

CVE-2017-1001002

math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

Design/Logic Flaw

typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

Design/Logic Flaw

math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

CVE-2017-1001004

typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

CVE-2017-1001002

math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

CVE-2017-1001004

typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

CVE-2017-1001002

math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

CVE-2017-1001004

The CVE-2017-1001004 entry affects the typed-function library in JavaScript prior to version 0.10.6. The underlying issue is that function names can contain JavaScript code, enabling arbitrary code execution in the JS engine. Affects typed-function up to 0.10.5; impact is arbitrary code execution...

CVE-2017-1001002

math.js before 3.17.0 allows arbitrary code execution in the JavaScript engine by creating a typed function with JavaScript code in the name. The vulnerability affects math.js (and has been referenced in OpenVAS/OSV/NVD entries) and can lead to code execution on affected systems. Affected compone...

Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-11858)

A Memory Corruption Vulnerability exists in Microsoft browsers. The vulnerability is due to the way JavaScript engine is handling objects in memory. A remote attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...

KB4038781: Windows 10 September 2017 Cumulative Update

The remote Windows host is missing security update 4038781. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables...