Lucene search
+L

66 matches found

UbuntuCve
UbuntuCve
added 2018/06/15 4:29 p.m.26 views

CVE-2018-12034

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yrexecutecode in libyara/exec.c...

7.8CVSS7.1AI score0.01243EPSS
Exploits1References5
Cvelist
Cvelist
added 2018/06/15 4:0 p.m.44 views

CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

7.6AI score0.01243EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2018/06/15 4:0 p.m.58 views

CVE-2018-12034

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yrexecutecode in libyara/exec.c...

7.8CVSS3.9AI score0.01243EPSS
Exploits1
Debian CVE
Debian CVE
added 2018/06/15 4:0 p.m.68 views

CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...

7.8CVSS3.9AI score0.01243EPSS
Exploits1
CVE
CVE
added 2018/06/15 4:0 p.m.61 views

CVE-2018-12035

CVE-2018-12035 affects YARA up to version 3.7.1, where parsing a specially crafted compiled rule file can trigger an out-of-bounds write in yr_execute_code (libyara/exec.c). Reported metrics indicate CVSS v3 base score 7.8 (HIGH) with LOCAL exploitability and user interaction required; CVSS v2 ba...

7.8CVSS7.5AI score0.01243EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2017/06/07 12:0 a.m.5 views

YARA regexp module denial of service vulnerability

YARA is a set of tools used to help software researchers identify and categorize malware samples. regexp is a regular expression module. A denial of service vulnerability exists in the libyara/re.c file of the regexp module in YARA version 3.5.0. A remote attacker could exploit this vulnerability...

7.5CVSS6.8AI score0.0257EPSS
Exploits0References1
OSV
OSV
added 2017/06/05 5:29 p.m.25 views

CVE-2017-9438

libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...

7.5CVSS7.2AI score
Exploits0References4
CNVD
CNVD
added 2017/06/05 12:0 a.m.6 views

YARA Denial of Service Vulnerability (CNVD-2017-11646)

YARA is a suite of tools used to help software researchers identify and categorize malware samples. regexp is a regular expression module. A denial of service vulnerability exists in the libyara/re.c file of the regexp module in YARA version 3.5.0. A remote attacker could exploit this vulnerabili...

7.5CVSS6.8AI score0.01842EPSS
Exploits0References1
CVE
CVE
added 2017/05/31 3:54 a.m.58 views

CVE-2017-9304

The CVE-2017-9304 issue affects libyara/re.c in the regexp module of YARA 3.5.0, where the _yr_re_emit function mishandles crafted regexes (in hex strings), allowing a remote attacker to trigger a denial of service via stack consumption. The vulnerability surface is exposed through crafted rules ...

7.5CVSS6.7AI score0.01842EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/05/24 12:0 a.m.5 views

YARA Denial of Service Vulnerability (CNVD-2017-08108)

YARA is a set of tools used to help software researchers identify and categorize malware samples. regex component is one of the regular expression components. A security vulnerability exists in the libyara/grammar.y file in YARA version 3.5.0. A remote attacker could exploit this vulnerability to...

7.5CVSS6.8AI score0.01601EPSS
Exploits1References1
CNVD
CNVD
added 2017/05/23 12:0 a.m.5 views

YARA 'specialized_string_cmp' Denial of Service Vulnerability

YARA is a set of tools used to help software researchers identify and categorize malware samples. A denial-of-service vulnerability exists in the 'sizedstringcmp' parameter of the YARA libyara/sizedstr.c file, which can be exploited by a remote attacker to submit a special request and cause a...

7.5CVSS7.5AI score0.01826EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/05/14 10:29 p.m.17 views

CVE-2017-8929

The sizedstringcmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule...

7.5CVSS7.1AI score0.01826EPSS
Exploits0References3
OSV
OSV
added 2017/05/14 10:29 p.m.3 views

UBUNTU-CVE-2017-8929

The sizedstringcmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule...

7.5CVSS7.1AI score0.01826EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/05/14 10:0 p.m.35 views

CVE-2017-8929

The sizedstringcmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule...

7.5CVSS5.1AI score0.01826EPSS
Exploits0
CVE
CVE
added 2017/05/14 10:0 p.m.69 views

CVE-2017-8929

CVE-2017-8929 affects YARA 3.5.0. The vulnerability resides in the function in libyara/sizedstr.c: sized_string_cmp, which can be triggered by a crafted rule to cause a use-after-free and application crash, enabling a remote denial of service. The connected documents provide this description and ...

7.5CVSS7AI score0.01826EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2017/05/14 12:0 a.m.4 views

PT-2017-18631

Name of the Vulnerable Software and Affected Versions YARA version 3.5.0 Description The issue allows remote attackers to cause a denial of service, resulting in a use-after-free and application crash, via a crafted rule. This is due to a problem in the sized string cmp function in...

9.1CVSS6.8AI score0.02996EPSS
Exploits12References27
Cvelist
Cvelist
added 2017/04/27 2:0 p.m.29 views

CVE-2017-8294

libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted rule that is mishandled in the yrreexec function...

7.2AI score0.02996EPSS
Exploits0References3
Prion
Prion
added 2017/04/03 5:59 a.m.18 views

Heap overflow

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...

5CVSS7.1AI score0.01647EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2017/04/03 5:59 a.m.17 views

CVE-2017-5923

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...

7.5CVSS7.1AI score0.01647EPSS
Exploits1References2
OSV
OSV
added 2017/04/03 5:59 a.m.14 views

CVE-2017-5923

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...

7.5CVSS6.5AI score
Exploits0References3
Rows per page
Query Builder