Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-19648

Опубликовано: 09 дек. 2019
Источник: debian
EPSS Низкий

Описание

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
yaraunfixedpackage

Примечания

  • https://github.com/VirusTotal/yara/issues/1178

  • Negligible security impact

EPSS

Процентиль: 68%
0.0056
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-19648

CVSS3: 7.8
ubuntu
около 6 лет назад

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution.

nvd логотип

CVE-2019-19648

CVSS3: 7.8
nvd
около 6 лет назад

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially crafted MachO file can cause an out-of-bounds memory access, resulting in Denial of Service (application crash) or potential code execution.

github логотип

GHSA-7fcj-v5v7-gm5g

CVSS3: 7.8
github
больше 3 лет назад

Out-of-bounds read in YARA

EPSS

Процентиль: 68%
0.0056
Низкий
Уязвимость CVE-2019-19648