Vulnerabilities > CVE-2020-22907 - Out-of-bounds Write vulnerability in Jsish

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

jsish

CWE-787

NVD

Published: 2021-07-13

Updated: 2021-07-15

Summary

Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.

Vulnerable Configurations

Part	Description	Count
Application	Jsish Jsish Jsish - Jsish Jsish 2.4.65 Jsish Jsish 2.4.67 Jsish Jsish 2.4.70_2.047 Jsish Jsish 2.4.77_2.0477 Jsish Jsish 2.4.83_2.0483 Jsish Jsish 2.4.84_2.0484 Jsish Jsish 3.0.6 Jsish Jsish 3.0.7 Jsish Jsish 3.0.8	10

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/pcmacdon/jsish/issues/16