17 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled ...
Linux Distros Unpatched Vulnerability : CVE-2017-9304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in...
SUSE CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in the yrreemit function...
Code injection
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
Design/Logic Flaw
The sizedstringcmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule...
CVE-2017-8929
The sizedstringcmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule...
CVE-2017-8929
The sizedstringcmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule...
CVE-2017-8294
libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted rule that is mishandled in the yrreexec function...
CVE-2017-8294
libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted rule that is mishandled in the yrreexec function...
Null pointer dereference
libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted rule that is mishandled in the yygetnextbuffer function...
CVE-2016-10210
libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted rule that is mishandled in the yygetnextbuffer function...
CVE-2017-5924
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled in the yrcompilerdestroy function...
CVE-2017-5923
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...
CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled in the yrparserlookuploopvariable function...
UBUNTU-CVE-2017-5924
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled in the yrcompilerdestroy function...
CVE-2016-10211
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled in the yrparserlookuploopvariable function...