CVE-2023-40857

Опубликовано: 28 авг. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.

Ссылки

https://github.com/VirusTotal/yara/issues/1945
Exploit
Issue Tracking
Vendor Advisory
https://github.com/VirusTotal/yara/issues/1945
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:virustotal:yara:4.3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02511

Низкий

8.8 High

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2023-40857

CVSS3: 8.8

ubuntu

больше 2 лет назад

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.

CVE-2023-40857

CVSS3: 8.8

redhat

больше 2 лет назад

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.

CVE-2023-40857

CVSS3: 8.8

debian

больше 2 лет назад

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remo ...

GHSA-wr74-v8h4-7w2f

CVSS3: 8.8

github

больше 2 лет назад

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.

EPSS

Процентиль: 85%

0.02511

Низкий

8.8 High

CVSS3

Дефекты

CWE-787