CVE-2024-4367 PoC — Mozilla Firefox 安全漏洞

Source

https://github.com/elamani-drawing/CVE-2024-4367-POC-PDFJS

Associated Vulnerability

Title:Mozilla Firefox 安全漏洞 (CVE-2024-4367)
Description:Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 126 版本之前存在安全漏洞，该漏洞源于处理 PDF.js 中的字体时缺少类型检查，这将允许在 PDF.js 环境中执行任意 JavaScript。

File Snapshot


 [4.0K]  /data/pocs/50528033698b04d4c2a9d0eba743923a50fc6f02
├── [4.0K]  html
│   └── [5.3K]  pdfviewer.html
├── [ 494]  index.js
├── [ 497]  package.json
├── [ 59K]  package-lock.json
├── [4.0K]  payload
│   ├── [4.0K]  payloads
│   │   ├── [1.8K]  alert.pdf
│   │   ├── [1.9K]  calculatrice.pdf
│   │   ├── [2.0K]  cookies.pdf
│   │   ├── [1.9K]  keylogger.pdf
│   │   ├── [2.0K]  localstorage.pdf
│   │   ├── [1.9K]  redirection.pdf
│   │   └── [106K]  safe Exploitation du CVE-2024-4367.pdf
│   └── [2.5K]  poc.py
├── [5.4K]  readme.md
└── [2.7K]  server.js

3 directories, 14 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-4367 PoC — Mozilla Firefox 安全漏洞

Source

Associated Vulnerability

File Snapshot

Remarks