mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-12 13:31:34 +02:00
0xMarcio
1.5 KiB
1.5 KiB
CVE-2024-4367
Description
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
POC
Reference
No PoCs from references.
Github
- https://github.com/GhostTroops/TOP
- https://github.com/LOURC0D3/CVE-2024-4367-PoC
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Zombie-Kaiser/cve-2024-4367-PoC-fixed
- https://github.com/avalahEE/pdfjs_disable_eval
- https://github.com/clarkio/pdfjs-vuln-demo
- https://github.com/google/fishy-pdf
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/s4vvysec/CVE-2024-4367-POC
- https://github.com/spaceraccoon/detect-cve-2024-4367
- https://github.com/tanjiti/sec_profile
- https://github.com/zgimszhd61/openai-sec-test-cve-quickstart