Null Pointer Dereference Vulnerability in WAVM
CVE-2018-17293 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application crash by NULL pointer dereference) or possibly have unspecified other impact by crafting certain WebAssembly files.
Learn more about our Web App Pen Testing.