Hello,
I want to submit the following bug:
The js_strtod function in jsdtoac in Artifex MuJS through 102 has an
integer overflow because of incorrect exponent validation
# Exploit Title: Integer signedness error leading to Out-of-bounds read
that causes crash
# Date: 2018-01-24
# Exploit Author: Andrea Sindoni - @invictus1306
# Vendor: Artif ...
Advisories
Public security advisories
CVE-2018-6191 - Artifex MuJS through 102 has an integer overflow because of incorrect exponent validation
wwwexploit-dbcom/exploits/43903
CVE-2018-5759 - Artifex MuJS through 102 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via