Summaryinfo

A vulnerability was found in Samsung Escargot up to 4.0.0. It has been classified as critical. This affects an unknown function. Performing a manipulation results in stack-based overflow. This vulnerability is known as CVE-2023-41268. Attacking locally is a requirement. No exploit is available. To fix this issue, it is recommended to deploy a patch. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Detailsinfo

A vulnerability, which was classified as problematic, was found in Samsung Escargot up to 4.0.0. This affects an unknown code block. The manipulation with an unknown input leads to a stack-based overflow vulnerability. CWE is classifying the issue as CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). This is going to have an impact on availability. The summary by CVE is:

Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Stack Overflow and Segmentation fault.This issue affects Escargot: from 3.0.0 through 4.0.0.

The weakness was published 12/06/2023. It is possible to read the advisory at github.com. This vulnerability is uniquely identified as CVE-2023-41268 since 08/28/2023. The technical details are unknown and an exploit is not publicly available.

Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Vendor

• Samsung

Name

• Escargot

Version

• 4.0

License

• commercial

Website

• Vendor: https://www.samsung.com/
• Product: https://github.com/Samsung/escargot/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion