609 matches found

Cvelist
added 2024/12/18 3:57 p.m. · 26 views

CVE-2024-49576

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBFWidget object. A specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...

8.8 CVSS · 0.00137 EPSS
Exploits: 1 · References: 1
Cvelist
added 2024/12/18 3:57 p.m. · 19 views

CVE-2024-47810

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs ...

8.8 CVSS · 0.00137 EPSS
Exploits: 1 · References: 1
Vulnrichment
added 2024/12/18 3:57 p.m. · 13 views

CVE-2024-47810

A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs ...

8.8 CVSS · 7.6 AI score · 0.00137 EPSS
Exploits: 1 · References: 1
Positive Technologies
added 2024/12/18 12:00 a.m. · 2 views

PT-2024-10303 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2024.3.0.26795
Description: A use-after-free vulnerability exists in the way Foxit Reader handles a 3D page object. This can be triggered by a specially crafted JavaScript code inside a malicious PDF document, leading to...

10 CVSS · 8.4 AI score · 0.00137 EPSS
Exploits: 1 · References: 17
Positive Technologies
added 2024/12/18 12:00 a.m. · 2 views

PT-2024-9691 · Foxit · Foxit Reader

Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2024.3.0.26795
Description: A use-after-free vulnerability exists in the way Foxit Reader handles a checkbox CBF Widget object. This vulnerability can be triggered by a specially crafted JavaScript code inside a malicious...

10 CVSS · 8.4 AI score · 0.00137 EPSS
Exploits: 1 · References: 17
NVD
added 2024/10/02 9:15 p.m. · 16 views

CVE-2024-28888

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker...

8.8 CVSS · 0.04084 EPSS
Exploits: 1 · References: 3
CVE
added 2024/10/02 8:51 p.m. · 71 views

CVE-2024-28888

CVE-2024-28888 is a use-after-free vulnerability in Foxit Reader/Foxit PDF Editor affecting components that handle a checkbox field object. The root cause is memory management in the checkbox handling path, allowing a specially crafted JavaScript inside a malicious PDF (or a crafted site when the...

8.8 CVSS · 8 AI score · 0.04084 EPSS
Exploits: 1 · References: 3 · Affected Software: 1
NVD
added 2024/07/23 9:15 p.m. · 28 views

CVE-2024-0981

Okta Browser Plugin versions 6.5.0 through 6.31.0 Chrome/Edge/Firefox/Safari are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the...

7.1 CVSS · 0.00706 EPSS
Exploits: 0 · References: 1
Vulnrichment
added 2024/07/23 8:49 p.m. · 11 views

CVE-2024-0981

Okta Browser Plugin versions 6.5.0 through 6.31.0 Chrome/Edge/Firefox/Safari are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the...

7.1 CVSS · 6.3 AI score · 0.00706 EPSS
Exploits: 0 · References: 1
CVE
added 2024/07/23 8:49 p.m. · 48 views

CVE-2024-0981

CVE-2024-0981: Okta Browser Plugin versions 6.5.0–6.31.0 (Chrome/Edge/Firefox/Safari) allow cross-site scripting when the plugin prompts to save credentials in Okta Personal. Root cause: improper escaping of fields in the credential-save prompt. Impact: potential XSS; remediation: u...

7.1 CVSS · 6.4 AI score · 0.00706 EPSS
Exploits: 0 · References: 1
Cvelist
added 2024/07/23 8:49 p.m. · 7 views

CVE-2024-0981

Okta Browser Plugin versions 6.5.0 through 6.31.0 Chrome/Edge/Firefox/Safari are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the...

7.1 CVSS · 0.00706 EPSS
Exploits: 0 · References: 1
CNNVD
added 2024/07/23 12:00 a.m. · 1 view

Okta Browser Plugin Security Vulnerability

Okta Browser Plugin is a browser plugin from Okta USA. A security vulnerability exists in Okta Browser Plugin versions 6.5.0 through 6.31.0 that stems from vulnerability to cross-site scripting attacks...

7.1 CVSS · 6 AI score · 0.00706 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2024/07/23 12:00 a.m. · 2 views

PT-2024-15959 · Okta · Workforce Identity Cloud +2

Name of the Vulnerable Software and Affected Versions: Okta Browser Plugin versions 6.5.0 through 6.31.0
Description: The issue occurs due to a cross-site scripting flaw when the Okta Browser Plugin prompts the user to save credentials within Okta Personal. This is resolved by properly escaping...

7.1 CVSS · 6.2 AI score · 0.00706 EPSS
Exploits: 0 · References: 5
Fedora
added 2024/05/16 1:52 a.m. · 21 views

[SECURITY] Fedora 40 Update: djvulibre-3.5.28-9.fc40

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution pictures. DjVu content downloads faster, displays and renders faster,...

6.5 CVSS · 6.7 AI score · 0.00258 EPSS
Exploits: 2
Fedora
added 2024/05/16 1:09 a.m. · 13 views

[SECURITY] Fedora 39 Update: djvulibre-3.5.28-7.fc39

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution pictures. DjVu content downloads faster, displays and renders faster,...

6.5 CVSS · 6.7 AI score · 0.00258 EPSS
Exploits: 2
NVD
added 2024/04/30 3:15 p.m. · 7 views

CVE-2024-25575

A type confusion vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted JavaScript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...

8.8 CVSS · 8.9 AI score · 0.03545 EPSS
Exploits: 1 · References: 2
NVD
added 2024/04/30 3:15 p.m. · 16 views

CVE-2024-25648

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. A...

8.8 CVSS · 8.9 AI score · 0.02641 EPSS
Exploits: 1 · References: 2
NVD
added 2024/04/30 3:15 p.m. · 14 views

CVE-2024-25938

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...

8.8 CVSS · 8.9 AI score · 0.03545 EPSS
Exploits: 1 · References: 2
Vulnrichment
added 2024/04/30 2:38 p.m. · 13 views

CVE-2024-25938

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...

8.8 CVSS · 8.9 AI score · 0.03545 EPSS
Exploits: 1 · References: 1
CVE
added 2024/04/30 2:38 p.m. · 59 views

CVE-2024-25938

CVE-2024-25938 affects Foxit Reader 2024.1.0.23997 and is a use-after-free vulnerability in the Barcode widget. According to Talos, a specially crafted JavaScript in a malicious PDF can trigger reuse of a freed object, leading to memory corruption and potentially arbitrary code execution. Exploit...

8.8 CVSS · 7.1 AI score · 0.03545 EPSS
Exploits: 1 · References: 2 · Affected Software: 2