Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox CVE-2024-4367

Name: Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox CVE-2024-4367
Rating: 5 (6 reviews)

2025-06-28 | CVSS 8.8

## https://sploitus.com/exploit?id=2EA642AC-DCD4-5CA3-A772-7F3F7F668D74
# CVE-2024-4367 POC for PDF.js

POC for PDF.js' CVE-2024-4367 vuln - The pdf-modify.py script can be used to modify your PDFs and inject payloads.

## Usage

1. Ensure `CVE-2024-4367-POC-base-placeholder.pdf` is in the working directory.
2. Uncomment/modify the `payload_new` variable in `pdf-modify.py`.
3. Run it, `python pdf-modify.py`. No args needed.
4. You'll see a new PDF in the local dir with timestamped suffix.

## Related references

- https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/
- https://github.com/DidierStevens/DidierStevensSuite/blob/master/pdf-parser.py
- https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/#nodejs

## License

Licensed under the [MIT License](LICENSE).