Multiple vulnerabilities in JerryScript
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2018-1000636 CVE-2018-11418 CVE-2018-11419 CVE-2017-18212 CVE-2017-14749 CVE-2017-9250 |
| CWE-ID | CWE-476 CWE-125 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
JerryScript Web applications / JS libraries |
| Vendor | JerryScript |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) NULL pointer dereference
EUVDB-ID: #VU36772
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1000636
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via The victim must execute specially crafted javascript code. This vulnerability appears to have been fixed in after commit 87897849f6879df10e8ad68a41bf8cf507edf710.
MitigationInstall update from vendor's website.
Vulnerable software versionsJerryScript: 1.0
External linkshttp://github.com/jerryscript-project/jerryscript/issues/2435
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU37112
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11418
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp("[\u0020") payload, related to re_parse_char_class in parser/regexp/re-parser.c. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsJerryScript: 1.0
External linkshttp://github.com/jerryscript-project/jerryscript/issues/2237
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU37113
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-11419
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp("[\u0") payload, related to re_parse_char_class in parser/regexp/re-parser.c. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsJerryScript: 1.0
External linkshttp://github.com/jerryscript-project/jerryscript/issues/2230
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU37482
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-18212
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read in the lit_read_code_unit_from_hex function in lit/lit-char-helpers.c via a RegExp("[x0"); payload. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsJerryScript: 1.0
External linkshttp://github.com/jerryscript-project/jerryscript/issues/2140
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU38192
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-14749
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
JerryScript 1.0 allows remote attackers to cause a denial of service (jmem_heap_alloc_block_internal heap memory corruption) or possibly execute arbitrary code via a crafted .js file, because unrecognized characters cause incorrect 0x00 characters in bytecode.literal data.
MitigationInstall update from vendor's website.
Vulnerable software versionsJerryScript: 1.0
External linkshttp://github.com/jerryscript-project/jerryscript/issues/2008
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) NULL pointer dereference
EUVDB-ID: #VU38939
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9250
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trigger denial of service conditions via malformed JavaScript source code, related to the jmem_heap_free_block function.
MitigationInstall update from vendor's website.
Vulnerable software versionsJerryScript: 1.0
External linkshttp://www.securitytracker.com/id/1038413
http://github.com/jerryscript-project/jerryscript/commit/e58f2880df608652aff7fd35c45b242467ec0e79
http://github.com/jerryscript-project/jerryscript/issues/1821
http://github.com/zherczeg/jerryscript/commit/03a8c630f015f63268639d3ed3bf82cff6fa77d8
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
