CVE-2017-9438

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...

CVE-2017-9438

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...

YARA Denial of Service Vulnerability (CNVD-2017-11646)

YARA is a suite of tools used to help software researchers identify and categorize malware samples. regexp is a regular expression module. A denial of service vulnerability exists in the libyara/re.c file of the regexp module in YARA version 3.5.0. A remote attacker could exploit this vulnerabili...

PT-2017-18920

Name of the Vulnerable Software and Affected Versions YARA version 3.5.0 Description The issue allows remote attackers to cause a denial of service, specifically stack consumption, via a crafted rule involving hex strings. This is due to the mishandling of the rule in the yr re emit function with...

DEBIAN-CVE-2017-9304

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in the yrreemit function...

CVE-2017-9304

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in the yrreemit function...

CVE-2017-9304

The CVE-2017-9304 issue affects libyara/re.c in the regexp module of YARA 3.5.0, where the _yr_re_emit function mishandles crafted regexes (in hex strings), allowing a remote attacker to trigger a denial of service via stack consumption. The vulnerability surface is exposed through crafted rules ...

CVE-2017-9304

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in the yrreemit function...

PT-2017-18835

Name of the Vulnerable Software and Affected Versions YARA version 3.5.0 Description The issue allows remote attackers to cause a denial of service, specifically stack consumption, via a crafted rule. This occurs due to mishandling in the yr re emit function within the regexp module...

CVE-2016-10132

CVE-2016-10132 affects Artifex Software MuJS; the regexp.c component is vulnerable to a denial of service via regex compilation, caused by a NULL pointer dereference that can crash the process. Multiple connected records (CNVD-2017-05277, NVD/CVE-2016-10132, OSV feeds) confirm MuJS as the vulnera...

Artifex MuJS 'regexp.c' Integer Overflow Vulnerability

Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. An integer overflow vulnerability exists in the 'jsregcomp' function of the regexp.c file in Artifex Software MuJS. An...

Artifex Software MuJS Integer Overflow Vulnerability

Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. An integer overflow vulnerability exists in the regemit function of the Artifex Software MuJS regexp.c file. An attacker...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the RegExp class arises due to a violation of the buffer’s initial boundary. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the RegExp class in the Flash Player software platform arises from a violation of the buffer’s initial limit. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code upon installing a plugin...

CVE-2016-7870

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution...

CVE-2016-7870

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution...

CVE-2016-7869

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution...

CVE-2016-7868

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution...

CVE-2016-7867

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution...

CVE-2016-7868

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution...