Vulnerabilities > CVE-2019-1010162 - NULL Pointer Dereference vulnerability in Jsish 2.4.772.0477

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

jsish

CWE-476

NVD

Published: 2019-07-23

Updated: 2019-10-09

Summary

jsish 2.4.74 2.0474 is affected by: CWE-476: NULL Pointer Dereference. The impact is: denial of service. The component is: function Jsi_StrcmpDict (jsiChar.c:121). The attack vector is: The victim must execute crafted javascript code. The fixed version is: 2.4.77.

Vulnerable Configurations

Part	Description	Count
Application	Jsish Jsish Jsish 2.4.77_2.0477	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://jsish.org/fossil/jsi/tktview/5533c4d665b9683eebe4d662493f15eb911d1c8f