7 matches found
CVE-2018-1000663
jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function jsievalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code...
Jsish Buffer Overflow Vulnerability
Jsish is a small JavaScript parser written in C with a built-in database . A buffer overflow vulnerability exists in the 'jsievalcode' function of the jsiEval.c file in Jsish versions 2.4.70 and 2.047. An attacker can exploit this vulnerability to cause a denial of service segmentation error and...
CVE-2018-1000668
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsiObjArrayLookup jsiObj.c:274 that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to ha...
CVE-2018-1000663
jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function jsievalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code...
Out-of-bounds
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsiObjArrayLookup jsiObj.c:274 that can result in Crash due to segmentation fault. This attack appear to be exploitable via The victim must execute crafted javascript code. This vulnerability appears to ha...
CVE-2018-1000663
CVE-2018-1000663 concerns jsish v2.4.70 (and 2.047) containing a buffer overflow in the _jsi_evalcode function of jsiEval.c, leading to a crash via segmentation fault. The vulnerability is exploitable when an attacker causes a victim to execute crafted JavaScript code. Public references in variou...
CVE-2018-1000668
Vulnerability detail (CVE-2018-1000668) : In jsish version 2.4.70 (2.047), an out-of-bounds read affects the function jsi_ObjArrayLookup (jsiObj.c:274), potentially causing a crash from a segmentation fault. The issue can be triggered when the victim executes crafted JavaScript code. A fix is ava...