Описание
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| yara | fixed | 3.6.3+dfsg-1 | package | |
| yara | ignored | stretch | package | |
| yara | ignored | jessie | package |
Примечания
Fixed by: https://github.com/VirusTotal/yara/commit/4a342f01e5439b9bb901aff1c6c23c536baeeb3f
EPSS
Процентиль: 41%
0.00191
Низкий
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 8 лет назад
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVSS3: 5.5
nvd
больше 8 лет назад
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVSS3: 5.5
github
больше 3 лет назад
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
EPSS
Процентиль: 41%
0.00191
Низкий