CVEブラウザに戻る

CVE-2019-12798

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile30.70th

Published2019年6月13日

Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.

Affected Platforms (CPE)

📦

Artifex

Mujs

= 1.0.5

References & Advisories

🔗 http://git.ghostscript.com/?p=mujs.git%3Bh=7f50591861525f76e3ec7a63392656ff8c030af9

🔗 http://www.securityfocus.com/bid/108774

🔗 http://git.ghostscript.com/?p=mujs.git%3Bh=7f50591861525f76e3ec7a63392656ff8c030af9

🔗 http://www.securityfocus.com/bid/108774

関連する脆弱性情報

CVE-2021-3379610.0

In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of service.

CVE-2021-450059.8

Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally...

CVE-2019-114119.8

An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based ...

CVE-2021-337979.8

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floa...