Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. This was addressed by fixing stack size detection on Linux in jsutils.c.
|Issue Tracking Vendor Advisory
|Exploit Vendor Advisory
|Patch Vendor Advisory
Configuration 1 (hide)