CyberSec.Space Logo
Back to CVE Browser

CVE-2019-12798

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0990%
EPSS Percentile30.70th
PublishedJun 13, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.

Affected Platforms (CPE)

πŸ“¦
Artifex

Mujs

= 1.0.5

References & Advisories

πŸ”— http://git.ghostscript.com/?p=mujs.git%3Bh=7f50591861525f76e3ec7a63392656ff8c030af9
πŸ”— http://www.securityfocus.com/bid/108774
πŸ”— http://git.ghostscript.com/?p=mujs.git%3Bh=7f50591861525f76e3ec7a63392656ff8c030af9
πŸ”— http://www.securityfocus.com/bid/108774

Related Vulnerabilities

CVE-2021-3379610.0

In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

CVE-2021-450059.8

Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally...

CVE-2019-114119.8

An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based ...

CVE-2021-337979.8

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floa...