Buffer Overflow in Fp_toString Function of Artifex Software MuJS
CVE-2016-7564

7.5HIGH

Key Information:

Vendor

Artifex
Status
Mujs
Vendor
CVE Published:
18 January 2017

What is CVE-2016-7564?

A heap-based buffer overflow exists in the Fp_toString function within the MuJS implementation by Artifex Software. Attackers can exploit this vulnerability by sending crafted input, which may lead to denial of service conditions, resulting in application crashes. This vulnerability highlights the importance of input validation and memory management within software to prevent exploitations that compromise application stability.

References

https://bugs.ghostscript.com/show_bug.cgi?id=697137
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2016/09/28/11
mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2016/09/21/5
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.