Vulnerability Details CVE-2018-6191
The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=25821e6d74fab5fcc200fe5e818362e03e114428
- http://www.securityfocus.com/bid/102840
- https://bugs.ghostscript.com/show_bug.cgi?id=698920
- https://www.exploit-db.com/exploits/43903/
- http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=25821e6d74fab5fcc200fe5e818362e03e114428
- http://www.securityfocus.com/bid/102840
- https://bugs.ghostscript.com/show_bug.cgi?id=698920
- https://www.exploit-db.com/exploits/43903/