Main Vulnerability Database Exploits ID:8780 - Exploit for Use-after-free in Mujs - CVE-2022-44789

ID:8780 - Exploit for Use-after-free in Mujs - CVE-2022-44789

Published: January 29, 2023

Vulnerability identifier: #VU69667

Vulnerability risk: High

CVE-ID: CVE-2022-44789

CWE-ID: CWE-416

Exploitation vector: Remote access

Vulnerable software:
Mujs

Link to public exploit:

https://github.com/alalng/CVE-2022-44789

Vulnerability description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when processing JavaScript files within the O_getOwnPropertyDescriptor() function. A remote attacker can pass a specially crafted JavaScript file to the application, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Remediation

Install updates from vendor's website.

ID:8780 - Exploit for Use-after-free in Mujs - CVE-2022-44789

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human