CVE-2016-9017Out-of-bounds Read in Mujs

CWE-125Out-of-bounds ReadCWE-200Sensitive Information Exposure6 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 47.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Artifex Mujs
Timeline
PublishedOct 28
Latest updateMay 17

Description

Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDartifex/mujs5c337af4b3df80cf967e4f9f6a21522de84b392a

Patches

Patch: bugs.ghostscript.comPatch: bugs.ghostscript.com

🔴Vulnerability Details

2
GHSA
GHSA-527p-fff3-w4mq: Artifex Software, Inc2022-05-17
CVEList
CVE-2016-9017: Artifex Software, Inc2016-10-28

📋Vendor Advisories

1
Debian
CVE-2016-9017: mujs - Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allo...2016

💬Community

2
Bugzilla
CVE-2016-7504 CVE-2016-7505 CVE-2016-7506 CVE-2016-9017 CVE-2016-9108 CVE-2016-9109 mujs: Multiple security issues2016-10-31
Bugzilla
CVE-2016-7504 CVE-2016-7505 CVE-2016-7506 CVE-2016-9017 CVE-2016-9108 CVE-2016-9109 CVE-2016-9294 mujs: various flaws [fedora-all]2016-10-31
CVE-2016-9017 — Out-of-bounds Read in Artifex Mujs | cvebase