Debian Mujs vulnerabilities

CVE-2016-9136 [HIGH] CVE-2016-9136: mujs - Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allo... Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context-dependent attackers to obtain sensitive information by using the "crafted JavaScript" approach, related to a "Buffer Over-read" issue. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2016-7564 [HIGH] CVE-2016-7564: mujs - Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artife... Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to cause a denial of service (crash) via crafted input. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2016-9294 [HIGH] CVE-2016-9294: mujs - Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allo... Artifex Software, Inc. MuJS before 5008105780c0b0182ea6eda83ad5598f225be3ee allows context-dependent attackers to conduct "denial of service (application crash)" attacks by using the "malformed labeled break/continue in JavaScript" approach, related to a "NULL pointer dereference" issue affecting the jscompile.c component. Scope: local bookworm: resolved bullseye: resolv

CVE-2016-9108 [HIGH] CVE-2016-9108: mujs - Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc... Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2016-7504 [CRITICAL] CVE-2016-7504: mujs - A use-after-free vulnerability was observed in Rp_toString function of Artifex S... A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful exploitation of this issue can lead to code execution or denial of service condition. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2016-10133 [CRITICAL] CVE-2016-10133: mujs - Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artife... Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2016-9109 [HIGH] CVE-2016-9109: mujs - Artifex Software MuJS allows attackers to cause a denial of service (crash) via ... Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape sequences. NOTE: this vulnerability exists due to an incomplete fix for CVE-2016-7563. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2016-10141 [CRITICAL] CVE-2016-10141: mujs - An integer overflow vulnerability was observed in the regemit function in regexp... An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. MuJS before fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045. The attack requires a regular expression with nested repetition. A successful exploitation of this issue can lead to code execution or a denial of service (buffer overflow) condition. Scope: local bookwor

CVE-2016-7506 [HIGH] CVE-2016-7506: mujs - An out-of-bounds read vulnerability was observed in Sp_replace_regexp function o... An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2016-10132 [HIGH] CVE-2016-10132: mujs - regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of se... regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved