359 matches found
Artifex MuJS 1.0.2 Integer Overflow
The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Exploit Title: Integer signedness error leading to Out-of-bounds read that causes crash Date: 2018-01-24 Exploit Author: Andrea Sindoni - @invictus1306 Vendor: Artifex...
Artifex MuJS Denial of Service Vulnerability
Artifex MuJS is a lightweight JavaScript interpreter from Artifex Software, which is used to embed into other software to provide script execution. A security vulnerability exists in the jsparse.c file in Artifex MuJS 1.0.2 and earlier versions, which stems from the program failing to properly...
Artifex MuJS 'js_strtod' function integer overflow vulnerability
Artifex MuJS is a lightweight JavaScript interpreter from Artifex Software, which is used to embed into other software to provide script execution. An integer overflow vulnerability exists in the 'jsstrtod' function of the jsdtoa.c file in Artifex MuJS 1.0.2 and earlier versions, which stems from...
Integer overflow
The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation...
CVE-2018-5759
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service excessive recursion via a crafted file...
CVE-2018-5759
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service excessive recursion via a crafted file...
Design/Logic Flaw
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service excessive recursion via a crafted file...
CVE-2018-6191
The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation...
CVE-2018-6191
The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation...
CVE-2018-6191
MuJS up to version 1.0.2 contains an integer overflow in js_strtod (jsdtoa.c) due to incorrect exponent validation. This affects Artifex MuJS when parsing numbers and can lead to a crash/DoS (as shown by Exploit-DB tooling). Connected documents indicate the issue was fixed in commit 25821e6d74fab...
CVE-2018-6191
The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation...
CVE-2018-5759
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service excessive recursion via a crafted file...
CVE-2018-5759
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service excessive recursion via a crafted file...
CVE-2018-5759
CVE-2018-5759 affects Artifex MuJS, up to version 1.0.2, where the parser (jsparse.c) does not correctly maintain the AST depth for binary expressions. This can enable a remote attacker to trigger excessive recursion and cause a denial of service. Public references (Exploit-DB) describe a DoS PoC...
CVE-2018-6191
The jsstrtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation...
Artifex Software MuJS Denial of Service Vulnerability (CNVD-2017-05277)
Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. A denial of service vulnerability exists in the regexp.c file in Artifex Software MuJS. An attacker can exploit this...
CVE-2016-10133
Heap-based buffer overflow in the jsstackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions...
CVE-2016-10132
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service NULL pointer dereference and crash via vectors related to regular expression compilation...
CVE-2016-10133
Heap-based buffer overflow in the jsstackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions...
Null pointer dereference
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service NULL pointer dereference and crash via vectors related to regular expression compilation...