Incorrect Regular Expression

CVE-2019-12798

High

9.8/10

Summary

An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-185 - Incorrect Regular Expression

The software specifies a regular expression in a way that causes data to be improperly matched or compared.

References

Advisory Timeline

Published Jun 13, 2019

Incorrect Regular Expression

CVE-2019-12798

Summary

CWE-185 - Incorrect Regular Expression

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS