CVE-2017-5627
published 2017-01-30CVE-2017-5627: An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a specially crafted JS file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | mujs | < 2017-01-24 | 2017-01-24 |
| debian | mujs | — | — |