Описание
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:virustotal:yara:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.5.0:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.6.2:*:*:*:*:*:*:*
cpe:2.3:a:virustotal:yara:3.6.3:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00191
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 8 лет назад
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
CVSS3: 5.5
debian
больше 8 лет назад
Heap buffer overflow in the yr_object_array_set_item() function in obj ...
CVSS3: 5.5
github
больше 3 лет назад
Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.
EPSS
Процентиль: 41%
0.00191
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-119