MiracleLinux 8 : thunderbird-115.11.0-1.el8_10.ML.1 (AXSA:2024-8467:14)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8467:14 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

CVE-2024-4367 POC for PDF.js POC for PDF.js' CVE-2024-4367 vu...

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

🚨 CVE-2024-4367: Arbitrary JavaScript Execution in PDF.js Thi...

The vulnerability of the pdf.js library on the MFlash secure data exchange platform, related to the lack of protective measures for website structures, allows attackers to execute arbitrary JavaScript code.

The vulnerability of the pdf.js library on the MFlash secure data exchange platform is related to the lack of protective measures for the web page structure. Exploiting this vulnerability could allow an attacker to execute arbitrary JavaScript code remotely...

The vulnerability of the PDF.js library is related to access to resources through incompatible types, allowing attackers to execute arbitrary JavaScript code.

The vulnerability of the PDF.js library is related to access to resources through incompatible types. Exploiting this vulnerability could allow a malicious actor to execute arbitrary JavaScript code remotely...

CVE-2024-4367

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...