An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HArtifex Mujs
APPArtifex1.0.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
CWE
Referencje
Powiązane podatności
CVE-2021-33796CRITICAL10.0ten sam produkt
In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of s...
CVE-2021-33797CRITICAL9.8ten sam produkt
Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_st...
CVE-2021-45005CRITICAL9.8ten sam produkt
Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList o...
CVE-2019-12798CRITICAL9.8ten sam produkt
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression progr...
CVE-2016-10133CRITICAL9.8ten sam produkt
Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows a...