359 matches found
CVE-2019-11412
CVE-2019-11412 affects Artifex MuJS 1.0.5 where jscompile.c can trigger a denial of service due to an invalid stack-frame jump from a missing ENDTRY opcode call. The issue is described in the CVE entry; public remediation references indicate newer MuJS releases (e.g., MuJS 1.0.9) addressing the v...
CVE-2019-11412
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service invalid stack-frame jump because it lacks an ENDTRY opcode call...
CVE-2019-11411
CVE-2019-11411 affects Artifex MuJS 1.0.5, where a stack-based buffer overflow exists in Number#toFixed() and numtostr in jsnumber.c. The vulnerability is demonstrated in the Fedora advisories that update MuJS to 1.0.9 for Fedora 32/31/33, addressing CVE-2019-11411 (along with CVE-2019-11412/1141...
CVE-2019-11411
An issue was discovered in Artifex MuJS 1.0.5. The NumbertoFixed and numtostr implementations in jsnumber.c have a stack-based buffer overflow...
CVE-2019-11411
An issue was discovered in Artifex MuJS 1.0.5. The NumbertoFixed and numtostr implementations in jsnumber.c have a stack-based buffer overflow...
PT-2019-12298 · Artifex · Artifex Mujs
Name of the Vulnerable Software and Affected Versions: Artifex MuJS version 1.0.5 Description: An issue was discovered in Artifex MuJS. It has unlimited recursion because the match function in regexp.c lacks a depth check. Recommendations: For Artifex MuJS version 1.0.5, consider applying a patch...
SRC-2019-0057 : Artifex MuJS regcompx pattern Integer Overflow Remote Code Execution Vulnerability Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MuPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Fedora Update for mujs FEDORA-2018-d4746c772f
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 26 : mujs (2018-d4746c772f)
Security fix for CVE-2018-5759. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Fedora 27 : mujs (2018-5b2e981f14)
Security fix for CVE-2018-5759. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...
Fedora Update for mujs FEDORA-2018-5b2e981f14
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 27 Update: mujs-0-11.20180129git25821e6.fc27
MuJS is a lightweight Javascript interpreter designed for embedding in other software to extend them with scripting capabilities...
[SECURITY] Fedora 26 Update: mujs-0-11.20180129git25821e6.fc26
MuJS is a lightweight Javascript interpreter designed for embedding in other software to extend them with scripting capabilities...
Artifex MuJS 1.0.2 - Denial of Service
Artifex MuJS 1.0.2 - Denial of Service Hello, I want to submit the following bug: The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Exploit Title: Integer signedness error leading to Out-of-bounds read that causes cra...
Artifex MuJS 1.0.2 - Integer Overflow
Artifex MuJS 1.0.2 - Integer Overflow Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni - @invictus1306 Vendor: Artifex https://www.artifex.com/ Software Link: https://github.com/ccxvii/mujs Version: Mujs -...
Artifex MuJS 1.0.2 - Denial of Service
Hello, I want to submit the following bug: The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Exploit Title: Integer signedness error leading to Out-of-bounds read that causes crash Date: 2018-01-24 Exploit Author:...
Artifex MuJS 1.0.2 - Integer Overflow Exploit
Exploit for multiple platform in category dos / poc Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni - @invictus1306 Vendor: Artifex https://www.artifex.com/ Software Link: https://github.com/ccxvii/mujs Version: Mujs -...
Artifex MuJS 1.0.2 - Integer Overflow
Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni - @invictus1306 Vendor: Artifex https://www.artifex.com/ Software Link: https://github.com/ccxvii/mujs Version: Mujs - 228719d087aa5e27dcd8627c4acf7273476bdbca Tested on: Linux...
Artifex MuJS 1.0.2 - Denial of Service Exploit
Exploit for multiple platform in category dos / poc The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Exploit Title: Integer signedness error leading to Out-of-bounds read that causes crash Date: 2018-01-24 Exploit...
Artifex MuJS Denial Of Service
The continuous call between the two functions "jsCcexp" function and "cbinary" allows attackers to cause a denial of service application crash via a crafted js file Exploit Title: DoS caused by the interactive call between two functions Date: 2018-01-16 Exploit Author: Andrea Sindoni -...