CVE-2016-10133

9.8 CRITICAL

Published: March 24, 2017 Modified: May 13, 2026

Description

Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=77ab465f1c394bb77f00966cd950650f3f53cb24

Source: security@debian.org

http://www.openwall.com/lists/oss-security/2017/01/12/9

Source: security@debian.org

Mailing List Patch Third Party Advisory

http://www.openwall.com/lists/oss-security/2017/01/13/1

Source: security@debian.org

Mailing List Patch Third Party Advisory

https://bugs.ghostscript.com/show_bug.cgi?id=697401

Source: security@debian.org

Issue Tracking Patch Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3U5APFS3FEBOPXUJIFWBNU55PYR7ZBF/

Source: security@debian.org

http://git.ghostscript.com/?p=mujs.git%3Ba=commit%3Bh=77ab465f1c394bb77f00966cd950650f3f53cb24