PT-2018-9520 · Jsish · Jsish
Publicado
2018-09-06
·
Atualizado
2018-10-25
·
CVE-2018-1000668
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
jsish versions 2.4.70 through 2.4.70
Description
The issue is related to an out-of-bounds read in the
jsi ObjArrayLookup function, located in jsiObj.c:274, which can cause a crash due to a segmentation fault. This can be exploited by executing crafted JavaScript code.Recommendations
For jsish version 2.4.70, update to version 2.4.71 to resolve the issue.
Correção
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jsish