cve/CVE-2020-13557.md at eda58812c5773678e9432b65209fee245db925e7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 19:16:22 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.

POC

Reference

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1171

Github

https://github.com/0xCyberY/CVE-T4PDF
https://github.com/ARPSyndicate/cvemon

1.1 KiB Raw Blame History Unescape Escape

CVE-2020-13557

Description

POC

Reference

Github

1.1 KiB

Raw Blame History