CVE-2016-9017
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component.
Artifex Software, Inc. MuJS en versiones anteriores a a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 permite a atacantes dependientes del contexto obtener información sensible utilizando el enfoque "opname en crafted JavaScript file", relacionado con un problema de "lectura fuera de límites" que afecta la función jsC_dumpfunction en el componente jsdump.c.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-10-25 CVE Reserved
- 2016-10-28 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/94241 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| http://bugs.ghostscript.com/show_bug.cgi?id=697171 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Artifex Search vendor "Artifex" | Mujs Search vendor "Artifex" for product "Mujs" | <= 5c337af4b3df80cf967e4f9f6a21522de84b392a Search vendor "Artifex" for product "Mujs" and version " <= 5c337af4b3df80cf967e4f9f6a21522de84b392a" | - |
Affected
| ||||||