Vulnerabilities > CVE-2020-23260 - Out-of-bounds Write vulnerability in Jsish

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

jsish

CWE-787

NVD

Published: 2023-04-04

Updated: 2023-04-10

Summary

An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the StringReplaceCmd function in the src/jsiChar.c file.

Vulnerable Configurations

Part	Description	Count
Application	Jsish Jsish Jsish - Jsish Jsish 2.4.65 Jsish Jsish 2.4.67 Jsish Jsish 2.4.70_2.047 Jsish Jsish 2.4.77_2.0477 Jsish Jsish 2.4.83_2.0483 Jsish Jsish 2.4.84_2.0484 Jsish Jsish 3.0.6 Jsish Jsish 3.0.7 Jsish Jsish 3.0.8 Jsish Jsish 3.0.11	11

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://jsish.org/fossil/jsi2/tktview?name=3e211e44b1
https://github.com/pcmacdon/jsish/issues/14