1246 matches found
CVE-2017-14749
JerryScript 1.0 allows remote attackers to cause a denial of service jmemheapallocblockinternal heap memory corruption or possibly execute arbitrary code via a crafted .js file, because unrecognized \ characters cause incorrect 0x00 characters in bytecode.literal data...
CVE-2017-14749
Removed by vendor...
CVE-2017-14749
CVE-2017-14749 affects JerryScript 1.0. A crafted JavaScript file can trigger a denial of service through jmem_heap_alloc_block_internal heap memory corruption, and possibly allow arbitrary code execution. Root cause is unrecognized backslash characters causing incorrect 0x00 bytes in bytecode.li...
JerryScript Denial of Service Vulnerability
JerryScript is a lightweight JavaScript engine . A security vulnerability exists in the 'lexerprocesscharliteral' function in the jerry-core/parser/js/js-lexer.c file in JerryScript version 1.0, which stems from the failure of a program to properly allocate memory. An attacker can exploit this...
CVE-2017-9250
The lexerprocesscharliteral function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via malformed JavaScript source code, related to...
CVE-2017-9250
The lexerprocesscharliteral function in jerry-core/parser/js/js-lexer.c in JerryScript 1.0 does not skip memory allocation for empty strings, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via malformed JavaScript source code, related to...