CVE-2016-10141 — Integer Overflow or Wraparound in Mujs

CWE-190 — Integer Overflow or Wraparound6 documents5 sources
Severity
9.8CRITICALNVD
EPSS
0.6%
top 30.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Artifex Mujs
Timeline
PublishedJan 13
Latest updateMay 13

Description

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

â–¶NVDartifex/mujs< 2017-01-12

🔴Vulnerability Details

2
GHSA
GHSA-6j4g-3pfp-hgj5: An integer overflow vulnerability was observed in the regemit function in regexp↗2022-05-13
â–¶
CVEList
CVE-2016-10141: An integer overflow vulnerability was observed in the regemit function in regexp↗2017-01-13
â–¶

📋Vendor Advisories

1
Debian
CVE-2016-10141: mujs - An integer overflow vulnerability was observed in the regemit function in regexp...↗2016
â–¶

💬Community

2
Bugzilla
CVE-2016-10132 CVE-2016-10133 CVE-2016-10141 CVE-2017-5627 CVE-2017-5628 mujs: Multiple security issues [fedora-all]↗2017-01-13
â–¶
Bugzilla
CVE-2016-10132 CVE-2016-10133 CVE-2016-10141 CVE-2017-5627 CVE-2017-5628 mujs: Multiple security issues↗2017-01-13
â–¶
CVE-2016-10141 — Integer Overflow or Wraparound in Mujs | cvebase