SB2018053112 - Multiple vulnerabilities in Espruino




Published: May 31, 2018

Security Bulletin ID SB2018053112
Severity Low
Patch available YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 7 security vulnerabilities.


1) Buffer over-read (CVE-ID: CVE-2018-11598)

The vulnerability allows a remote attacker to gain access to sensitive information and perform a denial of service attack.

The vulnerability exists due to a boundary error when parsing files in jsparse.c. A remote attacker can create a specially crafted file and gain access to sensitive information or trigger denial of service conditions.



2) Buffer overflow (CVE-ID: CVE-2018-11597)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error during syntax parsing, caused by a missing check for stack exhaustion with many '{' characters in jsparse.c. A remote attacker can cause a denial of service (application crash) with a specially crafted input file.


3) Buffer overflow (CVE-ID: CVE-2018-11596)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error during syntax parsing, because a check for '\0' is made for the wrong array element in jsvar.c. A remote attacker can cause a denial of service (application crash) with a specially crafted input file.


4) Buffer overflow (CVE-ID: CVE-2018-11595)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error during syntax parsing, because strncat is misused. A remote attacker can cause a denial of service (application crash) and a potential escalation of privileges with a specially crafted input file.


5) Buffer overflow (CVE-ID: CVE-2018-11594)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error during syntax parsing of "VOID" tokens in jsparse.c. A remote attacker can cause a denial of service (application crash) with a specially crafted input file.



6) Buffer overflow (CVE-ID: CVE-2018-11593)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error during syntax parsing, because strncpy is misused in jslex.c. A remote attacker can cause a denial of service (application crash) and potential information disclosure with a specially crafted input file.


7) Integer overflow (CVE-ID: CVE-2018-11590)

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to an integer overflow when parsing files in jsutils.c. A remote attacker can supply a specially crafted file to the interpreter, trigger an integer overflow and crash the application.
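
The missing stack-exhaustion check from item 2 (CVE-2018-11597), shown as an added example that is not Espruino's code: a minimal recursive-descent brace parser whose nesting-depth guard returns an error before the C stack runs out. The parser, its function names and the MAX_NESTING value are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define MAX_NESTING 64  /* assumed limit; size it to the target's stack budget */
typedef enum { PARSE_OK, PARSE_UNBALANCED, PARSE_TOO_DEEP } parse_result;

/* Parse one block; src[*pos] is '{' on entry. Recurses once per nested block. */
static parse_result parse_block(const char *src, size_t len, size_t *pos, unsigned depth) {
    /* The guard: without this check, input made of many '{' characters keeps
       recursing until the C stack is exhausted and the interpreter crashes. */
    if (depth >= MAX_NESTING) return PARSE_TOO_DEEP;
    (*pos)++;                                   /* consume '{' */
    while (*pos < len) {
        if (src[*pos] == '}') { (*pos)++; return PARSE_OK; }
        if (src[*pos] == '{') {
            parse_result r = parse_block(src, len, pos, depth + 1);
            if (r != PARSE_OK) return r;        /* propagate the error upward */
        } else {
            (*pos)++;                           /* other characters: statement text */
        }
    }
    return PARSE_UNBALANCED;                    /* input ended before '}' */
}

parse_result parse_program(const char *src, size_t len) {
    size_t pos = 0;
    while (pos < len) {
        if (src[pos] == '{') {
            parse_result r = parse_block(src, len, &pos, 0);
            if (r != PARSE_OK) return r;
        } else if (src[pos] == '}') {
            return PARSE_UNBALANCED;            /* closer with no opener */
        } else {
            pos++;
        }
    }
    return PARSE_OK;
}

/* Constructed input: n opening braces and nothing else. */
parse_result parse_open_braces(size_t n) {
    static char buf[100000];
    if (n > sizeof buf) n = sizeof buf;
    memset(buf, '{', n);
    return parse_program(buf, n);
}

int main(void) {
    printf("%d %d\n", parse_program("{a{b}c}", 7), parse_open_braces(100000));
    return 0;
}
```

With the guard in place, deeply nested input is rejected with PARSE_TOO_DEEP, an ordinary error the caller can report, instead of ending in a crash.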


Remediation

Install the update from the vendor's website.
