CVE-2021-41785

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled...

PT-2022-23948 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

PT-2022-23955 · Foxit · Foxit Pdf Editor

Name of the Vulnerable Software and Affected Versions: Foxit PDF Editor version 11.1.1.53537 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. Th...

Foxit PDF Reader 缓冲区错误漏洞

Foxit PDF Reader is China Foxit Foxit company a PDF reader. Foxit PDF Reader suffers from a buffer overflow vulnerability that originates from the application failing to properly validate the allocation boundaries of an object when handling certain JavaScript, which can be exploited by an attacke...

Mozilla Firefox Security Advisory (MFSA2014-13) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

PT-2021-4792 · Foxit · Foxit Pdf Reader +2

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 11.1 Foxit PDF Editor versions prior to 11.1 Foxit PhantomPDF versions prior to 10.1.6 Description: The issue is related to the mishandling of JavaScript, allowing attackers to trigger a use-after-free and...

PT-2021-4403 · Foxit · Foxit Pdf Reader +2

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 11.1 Foxit PDF Editor versions prior to 11.1 Foxit PhantomPDF versions prior to 10.1.6 Description: The issue is related to the mishandling of JavaScript, allowing attackers to trigger a use-after-free and...

Microsoft Internet Explorer array Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Brave Denial of Service Vulnerability (CNVD-2018-09308)

Brave is a Web browser product from Brave Software, Inc. in the United States. A security vulnerability exists in versions of Brave prior to 0.14.0 based on Linux or other platforms, which stems from the program's failure to properly handle JavaScrip code. An attacker could exploit this...

Microsoft Internet Explorer Information Disclosure Vulnerability

Microsoft Internet Explorer IE is a Web browser developed by the American company Microsoft and is the default browser that comes with the Windows operating system. An information leakage vulnerability exists in Microsoft IE versions 9 through 11, which arises from the program's failure to proper...

Internet Explorer Information Disclosure Vulnerability

An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer. In a web-based attack scenario, an attacker could host a website used to attempt to exploit the...

VulnCheck KEV: CVE-2016-0162

An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer...

Microsoft Internet Explorer Memory Corruption (MS16-037: CVE-2016-0154)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a type confusion when handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. CVE-2011-2982 A...

Google Chrome Multiple Vulnerabilities - 01 - (Jul 2012) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MyForum 1.3 - Insecure Cookie Handling

MyForum 1.3 - Insecure Cookie Handling + MyForum 1.3 Insecure Cookie Handling Vulnerability + Discovered By : Mountassif Moad + Greetz : All my freind Exploit: javascript:document.cookie = "myforumlogin=1; path=/"; javascript:document.cookie = "myforumpass=1; path=/"; desc: if it dont work in the...

DSA-1489-1 iceweasel - several vulnerabilities

Bulletin has no description...

FreeBSD : opera -- Vulnerability in javascript handling (df4a7d21-4b17-11dc-9fc2-001372ae3ab9)

An advisory from Opera reports : A specially crafted JavaScript can make Opera execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine a...

CVE-2006-3801

Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code...

Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC

No description provided by source. !-- --------------------------------------------------- Software: Firefox Web Browser Tested: Linux, Windows clients' version 1.5.0.2 Result: Firefox Remote Code Execution and Denial of Service - Vendor contacted, no patch yet. Problem: A handling issue exists i...