CVE-2016-9294NULL Pointer Dereference in Mujs

CWE-476NULL Pointer Dereference6 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 34.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Artifex Mujs
Timeline
PublishedNov 12
Latest updateMay 13

Description

Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related to a "NULL pointer dereference" issue affecting the jscompile.c component.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDartifex/mujs< 2016-10-26

🔴Vulnerability Details

2
GHSA
GHSA-fv39-8gm8-9qg3: Artifex Software, Inc2022-05-13
CVEList
CVE-2016-9294: Artifex Software, Inc2016-11-12

📋Vendor Advisories

1
Debian
CVE-2016-9294: mujs - Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allo...2016

💬Community

2
Bugzilla
CVE-2016-9294 mujs: DoS by using the malformed labeled break/continue in JavaScript2016-11-14
Bugzilla
CVE-2016-7504 CVE-2016-7505 CVE-2016-7506 CVE-2016-9017 CVE-2016-9108 CVE-2016-9109 CVE-2016-9294 mujs: various flaws [fedora-all]2016-10-31
CVE-2016-9294 — NULL Pointer Dereference in Mujs | cvebase