exploitDog

CVE-2018-6191

Опубликовано: 24 янв. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation.

Ссылки

http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=25821e6d74fab5fcc200fe5e818362e03e114428
http://www.securityfocus.com/bid/102840
Third Party Advisory
VDB Entry
https://bugs.ghostscript.com/show_bug.cgi?id=698920
Permissions Required
https://www.exploit-db.com/exploits/43903/
Exploit
Patch
Third Party Advisory
VDB Entry
http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=25821e6d74fab5fcc200fe5e818362e03e114428
http://www.securityfocus.com/bid/102840
Third Party Advisory
VDB Entry
https://bugs.ghostscript.com/show_bug.cgi?id=698920
Permissions Required
https://www.exploit-db.com/exploits/43903/
Exploit
Patch
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:artifex:mujs:*:*:*:*:*:*:*:*

Версия до 1.0.2 (включая)

EPSS

Процентиль: 87%

0.03214

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

CVE-2018-6191

CVSS3: 5.5

debian

около 8 лет назад

The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has a ...

GHSA-rrxp-jc5m-rx5p

CVSS3: 5.5

github

больше 3 лет назад

The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation.

EPSS

Процентиль: 87%

0.03214

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-190