Published: 24/01/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The js_strtod function in jsdtoa.c in Artifex MuJS up to and including 1.0.2 has an integer overflow because of incorrect exponent validation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
artifex mujs

Hello, I want to submit the following bug: The js_strtod function in jsdtoac in Artifex MuJS through 102 has an integer overflow because of incorrect exponent validation # Exploit Title: Integer signedness error leading to Out-of-bounds read that causes crash # Date: 2018-01-24 # Exploit Author: Andrea Sindoni - @invictus1306 # Vendor: Artif ...

Artifex MuJS version 102 suffers from an integer overflow vulnerability because of incorrect exponent validation ...

Public security advisories

Advisories Public security advisories CVE-2018-6191 - Artifex MuJS through 102 has an integer overflow because of incorrect exponent validation wwwexploit-dbcom/exploits/43903 CVE-2018-5759 - Artifex MuJS through 102 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via

CWE-190 https://bugs.ghostscript.com/show_bug.cgi?id=698920 https://www.exploit-db.com/exploits/43903/http://www.securityfocus.com/bid/102840 http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=25821e6d74fab5fcc200fe5e818362e03e114428 https://nvd.nist.gov https://github.com/invictus1306/advisories https://www.exploit-db.com/exploits/43903/

CVE-2018-6191

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect