Skip to main content

Mujs CVE-2016-7506

HIGH
Out-of-bounds Read (CWE-125)
2016-10-29 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 29, 2016 - 01:59 cve.org
HIGH 7.5

DescriptionCVE.org

An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition.

AnalysisAI

An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition. Affected products include: Artifex Mujs. Version information: before 5000749.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

More in Mujs

View all
CVE-2016-7504 CRITICAL POC
9.8 Oct 29

A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. Rated critical severity (C

CVE-2016-7505 CRITICAL POC
9.8 Oct 29

A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. Rated critical severity (CVSS 9

CVE-2020-24343 HIGH POC
7.8 Aug 13

Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. Rated high severi

CVE-2016-9109 HIGH POC
7.5 Jan 18

Artifex Software MuJS allows attackers to cause a denial of service (crash) via vectors related to incomplete escape seq

CVE-2016-9294 HIGH POC
7.5 Nov 12

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication req

CVE-2016-7563 HIGH POC
7.5 Jan 18

The chartorune function in Artifex Software MuJS allows attackers to cause a denial of service (out-of-bounds read) via

CVE-2016-7564 HIGH POC
7.5 Jan 18

Heap-based buffer overflow in the Fp_toString function in jsfunction.c in Artifex Software MuJS allows attackers to caus

CVE-2016-9017 HIGH POC
7.5 Oct 28

Artifex Software, Inc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication req

CVE-2016-10141 CRITICAL
9.8 Jan 13

An integer overflow vulnerability was observed in the regemit function in regexp.c in Artifex Software, Inc. Rated criti

CVE-2016-10133 CRITICAL
9.8 Mar 24

Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. Rated critical severity

CVE-2019-12798 CRITICAL
9.8 Jun 13

An issue was discovered in Artifex MuJS 1.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploi

CVE-2019-11411 CRITICAL
9.8 Apr 22

An issue was discovered in Artifex MuJS 1.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploi

Share

CVE-2016-7506 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy