CVE-2016-9017

Name of the Vulnerable Software and Affected Versions Artifex Software, Inc. MuJS versions before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767

Description The issue allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC dumpfunction function in the jsdump.c component.

Recommendations For versions before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767, consider updating to a version that includes the fix for the "Out-of-Bounds read" issue in the jsC dumpfunction function. As a temporary workaround, consider restricting the use of crafted JavaScript files to minimize the risk of exploitation.