2 matches found
CVE-2017-5924
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled in the yrcompilerdestroy function...
php: denial of service when processing a crafted file with Fileinfo
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service application crash or possibly...