Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-4367 PoC — Mozilla Firefox 安全漏洞

Source
https://github.com/s4vvysec/CVE-2024-4367-POC
Associated Vulnerability
Title:Mozilla Firefox 安全漏洞 (CVE-2024-4367)
Description:A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
Description
CVE-2024-4367 arbitrary js execution in pdf js
Readme
# CVE-2024-4367 POC

## Usage

```bash
python poc.py malicious.pdf "alert\('S4vvy')"
```

## References

- [CVE-2024-4367: Arbitrary JS Execution in PDF.js](https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/)
- [PDF.js](https://github.com/mozilla/pdf.js/security/advisories/GHSA-wgrm-67xf-hhpq)
File Snapshot

 [4.0K]  /data/pocs/88850192f209f109d8e60dd15bf35ac648de79bc
├── [1.8K]  malicious.pdf
├── [2.3K]  poc.py
└── [ 329]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →