Use-After-Free Vulnerability in MuJS by Artifex Software
CVE-2016-7504

9.8CRITICAL

Key Information:

Vendor: Artifex
Status: Mujs
Vendor: CVE Published:; 29 October 2016

What is CVE-2016-7504?

A use-after-free vulnerability exists in the Rp_toString function within MuJS, an embedded JavaScript interpreter developed by Artifex Software. When exploited, this vulnerability may allow an attacker to execute arbitrary code or cause a denial of service, potentially compromising the integrity of the affected system. This issue highlights the critical importance of memory management and proper resource handling in application development.

References

http://bugs.ghostscript.com/show_bug.cgi?id=697142

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94241

vdb-entryx_refsource_BID

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 29, 2016
Vulnerability Reserved
Sep 9, 2016