CVE-2018-3850

An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user...

chromium-browser: Incorrect handling of promises in V8

An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page...

PT-2018-16244 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.0.1.1049 Description: An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader. A specially crafted PDF document can trigger a previously freed object in memory to be reused,...

Foxit PDF Reader JavaScript Engine Memory Misreference Vulnerability

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A memory misreference vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. An attacker can exploit this vulnerabilit...

PT-2018-5655 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 8.3.2.25013 Description: A use-after-free issue in the JavaScript engine of Foxit PDF Reader can be exploited by opening a specially crafted PDF document, allowing arbitrary code execution. This can be triggered by an...

Design/Logic Flaw

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

CVE-2018-3842

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

CVE-2018-3842

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

CVE-2018-3842

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...

Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader

Overview Talos is disclosing five vulnerabilities in Foxit PDF Reader. Foxit PDF Reader is a popular free program for viewing, creating, and editing PDF documents. It is commonly used as an alternative to Adobe Acrobat Reader and has a widely used browser plugin available. Update to the current...

PT-2018-16236 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.0.1.1049 Description: The issue is related to an uninitialized pointer in the JavaScript engine. A specially crafted PDF document can cause a dereference of this pointer, potentially leading to arbitrary code...

Google Chrome V8 Competitive Conditions Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. v8 is one of the open source JavaScript engine. A competitive condition vulnerability exists in V8 in versions prior to Google Chrome 65.0.3325.146. A remote attacker could exploit this vulnerability by tricking a...

Google Chrome V8 Integer Overflow Vulnerability

Google Chrome is the United States Google Google company developed a Web browser. v8 is one of the open source JavaScript engine. An integer overflow vulnerability exists in V8 in versions prior to Google Chrome 65.0.3325.146. A remote attacker could exploit this vulnerability by tricking a user...

CVE-2018-5145

Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR 52.7 and Thunderbird 52.7...

Google Chrome Caching Bug Type Confusion

A type confusion vulnerability exists in Google Chrome. The vulnerability is due to improper handling of objects in memory by the JavaScript engine while compiling code. A remote attacker could exploit this vulnerability by enticing a user to open a malicious web page...

CVE-2018-4910

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file...

CVE-2018-4910

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file...

Heap overflow

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file...

CVE-2018-4910

CVE-2018-4910 affects Adobe Acrobat Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier. It is a heap overflow in the JavaScript engine triggered by a crafted PDF using JavaScript that manipulates the Optional Content Group (OCG). Successful expl...

V8: integer overflow leading to buffer overflow in Zone::New

An integer-overflow flaw was found in V8's Zone class when allocating new memory Zone::New and Zone::NewExpand. An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges...