CVE-2016-9136

Published: Nov 3, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context-dependent attackers to obtain sensitive information by using the "crafted JavaScript" approach, related to a "Buffer Over-read" issue.

Affected (1)

Products: Artifex: Mujs

Artifex

1 product

Mujs

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Artifex Mujs	Up to 2016-10-31

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (4)

http://bugs.ghostscript.com/show_bug.cgi?id=697244

Source: cve@mitre.org

Issue TrackingPatch

http://www.securityfocus.com/bid/94223

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://bugs.ghostscript.com/show_bug.cgi?id=697244

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatch

http://www.securityfocus.com/bid/94223

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.