CVE-2022-44789

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 23-11-2022 10:15

Last modified: - 24-11-2022 05:15

Total changes: - 2

Description

A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.

Common Vulnerability Scoring System (CVSS)

Attack complexity

Attack vector

Availability

Confidentiality

Integrity

Privileges required

Scope

User interaction

Base score

Exploitability score

Impact score

Verification logic

Reference

https://github.com/alalng/CVE-2022-44789/blob/main/PublicReferenceURL.txt
https://github.com/ccxvii/mujs/commit/edb50ad66f7601ca9a3544a0e9045e8a8c60561f
https://github.com/ccxvii/mujs/releases/tag/1.3.2

Keywords

CVE-2022-44789

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-44789

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures