CVE-2016-9108

Priority
Description
Integer overflow in the js_regcomp function in regexp.c in Artifex
Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e
allows attackers to cause a denial of service (application crash) via a
crafted regular expression.
Notes
ratliffmujs is included in thirdparty directory of mupdf
Package
Source: mupdf (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected [code not present])
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Ubuntu 19.10 (Eoan Ermine):not-affected
Ubuntu 20.04 LTS (Focal Fossa):not-affected
Ubuntu 20.10 (Groovy Gorilla):not-affected
More Information

Updated: 2020-04-29 19:14:21 UTC (commit bd6a073bfafc38621ce8c443b88e12892f0b4449)