CVE-2018-19976

Опубликовано: 17 дек. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 4.3

EPSS Низкий

Описание

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.

Ссылки

https://bnbdr.github.io/posts/extracheese/
Exploit
Third Party Advisory
https://github.com/VirusTotal/yara/issues/999
Exploit
Issue Tracking
Third Party Advisory
https://github.com/bnbdr/swisscheese/
Exploit
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DFFXDAMP6GJ337LIOTVF5I4T6QGMN3ZR/
https://bnbdr.github.io/posts/extracheese/
Exploit
Third Party Advisory
https://github.com/VirusTotal/yara/issues/999
Exploit
Issue Tracking
Third Party Advisory
https://github.com/bnbdr/swisscheese/
Exploit
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DFFXDAMP6GJ337LIOTVF5I4T6QGMN3ZR/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:virustotal:yara:3.8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00145

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2018-19976

CVSS3: 5.5

ubuntu

около 7 лет назад

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.

CVE-2018-19976

CVSS3: 5.5

debian

около 7 лет назад

In YARA 3.8.1, bytecode in a specially crafted compiled rule is expose ...

GHSA-wrpm-24mf-gq6c

CVSS3: 5.5

github

больше 3 лет назад

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.

EPSS

Процентиль: 35%

0.00145

Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-200