CVE-2017-5924

Опубликовано: 03 апр. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	3.5.0+dfsg-9
cosmic	not-affected	3.5.0+dfsg-9
devel	not-affected	3.5.0+dfsg-9
disco	not-affected	3.5.0+dfsg-9
eoan	not-affected	3.5.0+dfsg-9
esm-apps/bionic	not-affected	3.5.0+dfsg-9
esm-apps/focal	not-affected	3.5.0+dfsg-9
esm-apps/jammy	not-affected	3.5.0+dfsg-9
esm-apps/noble	not-affected	3.5.0+dfsg-9

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2017-5924

EPSS

Процентиль: 67%

0.00546

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2017-5924

CVSS3: 7.5

nvd

почти 9 лет назад

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.

CVE-2017-5924

CVSS3: 7.5

debian

почти 9 лет назад

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a den ...

GHSA-33qw-wpjx-355w

CVSS3: 7.5

github

больше 3 лет назад

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.

EPSS

Процентиль: 67%

0.00546

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2017-5924

Описание

Пакет yara

Ссылки на источники

Связанные уязвимости