PT-2019-11493 · Jsish · Jsish
Publicado
2019-07-23
·
Atualizado
2020-08-24
·
CVE-2019-1010173
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions:
Jsish version 2.4.84
Description:
The issue affects the
Jsi ValueArrayIndex function in jsiValue.c at line 366, allowing for denial of service through crafted JavaScript code execution.Recommendations:
For Jsish version 2.4.84, update to a version after commit 738ead193aff380a7e3d7ffb8e11e446f76867f3 to resolve the issue. As a temporary workaround, consider restricting the execution of crafted JavaScript code to minimize the risk of exploitation.
Exploit
Correção
Assertion Failure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jsish