CVE-2018-5759
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/01/2018
Last modified:
17/06/2026
Description
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:artifex:mujs:*:*:*:*:*:*:*:* | 1.0.2 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=4d45a96e57fbabf00a7378b337d0ddcace6f38c1
- http://www.securityfocus.com/bid/102833
- https://bugs.ghostscript.com/show_bug.cgi?id=698868
- https://www.exploit-db.com/exploits/43904/
- http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=4d45a96e57fbabf00a7378b337d0ddcace6f38c1
- http://www.securityfocus.com/bid/102833
- https://bugs.ghostscript.com/show_bug.cgi?id=698868
- https://www.exploit-db.com/exploits/43904/



