Vulnerabilities > Virustotal > Yara > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-14 | CVE-2017-8929 | Use After Free vulnerability in Virustotal Yara 3.5.0 The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule. | 5.0 |
2017-04-27 | CVE-2017-8294 | Out-of-bounds Read vulnerability in Virustotal Yara 3.5.0 libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function. | 5.0 |
2017-04-03 | CVE-2017-5924 | Use After Free vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function. | 5.0 |
2017-04-03 | CVE-2017-5923 | Out-of-bounds Read vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function. | 5.0 |
2017-04-03 | CVE-2016-10211 | Use After Free vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function. | 5.0 |
2017-04-03 | CVE-2016-10210 | NULL Pointer Dereference vulnerability in Virustotal Yara 3.5.0 libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. | 5.0 |