Vulnerability Details CVE-2018-5759
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.038
EPSS Ranking 87.4%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=4d45a96e57fbabf00a7378b337d0ddcace6f38c1
- http://www.securityfocus.com/bid/102833
- https://bugs.ghostscript.com/show_bug.cgi?id=698868
- https://www.exploit-db.com/exploits/43904/
- http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=4d45a96e57fbabf00a7378b337d0ddcace6f38c1
- http://www.securityfocus.com/bid/102833
- https://bugs.ghostscript.com/show_bug.cgi?id=698868
- https://www.exploit-db.com/exploits/43904/