4 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-19648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the machoparsefile functionality in macho/macho.c of YARA 3.11.0, commandsize may be inconsistent with the real size. A specially crafted MachO file can caus...
Important: golang
Issue Overview: An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the debug/macho standard library stdlib and malformed binaries are parsed using Open or OpenFat, it can cause golang to attempt to read outside of a slice array causing a panic when...
YARA has unspecified vulnerabilities
YARA is a set of tools used to help software researchers identify and categorize malware samples. A security vulnerability exists in the machoparsefile function of the macho/macho.c file in YARA version 3.11.0. The vulnerability can be exploited by an attacker to cause out-of-bounds memory access...
PT-2019-15900
Name of the Vulnerable Software and Affected Versions YARA version 3.11.0 Description The issue arises from inconsistent command size in the macho parse file functionality, which can lead to out-of-bounds memory access when a specially crafted MachO file is processed. This can result in a Denial ...