6 matches found
USN-8080-1: YARA vulnerabilities
Kamil Frankowicz discovered that a number of YARA's functions generated memory exceptions when processing specially crafted rules or files. A remote attacker could possibly use these issues to cause YARA to crash, resulting in a denial of service. These issues only affected Ubuntu 16.04 LTS...
SUSE CVE-2017-5923
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...
Fedora 24 : yara (2017-9941306740)
Security fix CVE-2016-10210 CVE-2016-10211 CVE-2017-5923 CVE-2017-5924 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducin...
CVE-2017-5923
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...
DEBIAN-CVE-2017-5923
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...
CVE-2017-5923
CVE-2017-5923 affects YARA (libyara) where libyara/grammar.y in YARA 3.5.0 is vulnerable to a crafted rule that is mishandled by yara_yyparse, causing a heap-based out-of-bounds read and a denial of service (application crash). This vulnerability is evidenced in multiple sources tied to YARA, inc...