CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10141
https://notcve.org/view.php?id=CVE-2016-10141
An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition. Se observó una vulnerabilidad de desbordamiento de enteros en la función regemit en regexp.c en Artifex Software, Inc. • http://git.ghostscript.com/?p=mujs.git%3Bh=fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045 http://www.securityfocus.com/bid/95876 https://bugs.ghostscript.com/show_bug.cgi?id=697448 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9294
https://notcve.org/view.php?id=CVE-2016-9294
Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related to a "NULL pointer dereference" issue affecting the jscompile.c component. Artifex Software, Inc. MuJS en versiones anteriores a 5008105780c0b0182ea6eda83ad5598f225be3ee permite a atacantes dependientes del contexto llevar a cabo ataques de "denegación de servicio (caída de aplicación)" utilizando el enfoque "etiquetado mal formado pausa/continuación en JavaScript", relacionado con un problema "referencia al puntero NULL" que afecta al componente jscompile.c. • http://bugs.ghostscript.com/show_bug.cgi?id=697172 http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=5008105780c0b0182ea6eda83ad5598f225be3ee http://www.securityfocus.com/bid/94293 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9136
https://notcve.org/view.php?id=CVE-2016-9136
Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context-dependent attackers to obtain sensitive information by using the "crafted JavaScript" approach, related to a "Buffer Over-read" issue. Artifex Software, Inc. MuJS en versiones anteriores a a0ceaf5050faf419401fe1b83acfa950ec8a8a89 permite a atacantes dependientes de contexto obtener información sensible usando la aproximación "JavaScript manipulada", relacionado con un problema "Buffer Over-read". • http://bugs.ghostscript.com/show_bug.cgi?id=697244 http://www.securityfocus.com/bid/94223 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2016-7504
https://notcve.org/view.php?id=CVE-2016-7504
A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful exploitation of this issue can lead to code execution or denial of service condition. Vulnerabilidad de uso después de liberación de memoria fue observada en la función Rp_toString de Artifex Software, Inc. MuJS anterior a 5c337af4b3df80cf967e4f9f6a21522de84b392a. • http://bugs.ghostscript.com/show_bug.cgi?id=697142 http://www.securityfocus.com/bid/94241 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-7506
https://notcve.org/view.php?id=CVE-2016-7506
An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition. Una vulnerabilidad de lectura out-of-bounds fue observada en la función Sp_replace_regexp de Artifex Software, Inc. MuJS anterior a 5000749f5afe3b956fc916e407309de840997f4a. • http://bugs.ghostscript.com/show_bug.cgi?id=697141 http://www.securityfocus.com/bid/94241 • CWE-125: Out-of-bounds Read •