CRITICAL🇵🇱 Wersja polska

CVE-2021-33797

CVSS 9.8v3.1pub. 2023-04-17upd. 2025-02-06

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floating point exponent, which leads to a buffer overflow in the pointer *d.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Artifex Mujs

    APP
    Artifex
    1.0.1 – 1.1.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2021-33796CRITICAL10.0ten sam produkt

In MuJS before version 1.1.2, a use-after-free flaw in the regexp source property access may cause denial of s...

CVE-2021-45005CRITICAL9.8ten sam produkt

Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList o...

CVE-2019-12798CRITICAL9.8ten sam produkt

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression progr...

CVE-2019-11411CRITICAL9.8ten sam produkt

An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c...

CVE-2016-10133CRITICAL9.8ten sam produkt

Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows a...