Design/Logic Flaw

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

Design/Logic Flaw

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

CVE-2020-13570

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicio...

CVE-2020-13560

CVE-2020-13560 affects Foxit PDF Reader (example: version 10.1.0.37527) and is a use-after-free in the JavaScript engine. A specially crafted PDF can trigger reuse of freed memory, enabling arbitrary code execution. User interaction is required (opening the malicious file). If the browser plugin ...

CVE-2020-13557

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the...

CVE-2020-13557

CVE-2020-13557 is a use-after-free in Foxit PDF Reader’s JavaScript engine (Foxit Reader 10.1.0.37527). A crafted PDF can trigger reuse of freed memory, enabling arbitrary code execution. User interaction is required (opening the malicious file); if the browser plugin is enabled, visiting a malic...

chromium-browser: Uninitialized Use in V8

The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...

chromium-browser: Uninitialized Use in V8

The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...

chromium-browser: Uninitialized Use in V8

The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...

chromium-browser: Uninitialized Use in V8

The Mozilla Foundation Security Advisory describes this flaw as: When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read...

Firefox Patches Critical Mystery Bug, Also Impacting Google Chrome

A Mozilla Foundation update to the Firefox web browser, released Tuesday, tackles one critical vulnerability and a handful of high-severity bugs. The update, released as Firefox version 84, is also billed by Mozilla as boosting the browser’s performance and adding native support for macOS hardwar...

CVE-2020-26972

The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they are not attempting to use a dead actor they have a reference to. Such a check was omitted in WebGL, resulting in a use-after-free and a potentially exploitable crash. This...

CVE-2020-26971

Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

CVE-2020-26973

Certain input to the CSS Sanitizer confused it, resulting in incorrect components being removed. This could have been used as a sanitizer bypass. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR 78.6...

CVE-2020-26974

When flex-basis was used on a table wrapper, a StyleGenericFlexBasis object could have been incorrectly cast to the wrong type. This resulted in a heap user-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox 84, Thunderbird 78.6, and Firefox ESR...

CVE-2020-26966

Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak. Note: This issue only affected Windows operating systems. Other operating systems are unaffected.. This...

CVE-2020-26964

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix...

CVE-2020-26954

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on...

JerryScript has a binary vulnerability (CNVD-2020-72434)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...

JerryScript has a binary vulnerability (CNVD-2020-72423)

JerryScript is a lightweight JavaScript engine . A binary vulnerability exists in JerryScript, which can be exploited by attackers to cause a denial of service...