CVE-2017-5628 (NVD)

2017-01-30

An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file.

Products Mujs
Type Integer Overflow or Wraparound (CWE-190)
First patch - None (likely due to unavailable code)
Links http://git.ghostscript.com/?p=mujs.git%3Bh=8f62ea10a0af68e56d5c00720523ebcba13c2e6a
https://bugs.ghostscript.com/show_bug.cgi?id=697496
http://www.securityfocus.com/bid/95855