Buffer Overflow Vulnerability in Espruino before 1.99 Allows Denial of Service and Information Disclosure

Buffer Overflow Vulnerability in Espruino before 1.99 Allows Denial of Service and Information Disclosure

CVE-2018-11593 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:P

Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.