Skip to main content

Yara CVE-2017-5923

HIGH
Out-of-bounds Read (CWE-125)
2017-04-03 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Apr 03, 2017 - 05:59 cve.org
HIGH 7.5

DescriptionCVE.org

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function.

AnalysisAI

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function. Affected products include: Virustotal Yara.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

More in Yara

View all
CVE-2021-3402 CRITICAL POC
9.1 May 14

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could

CVE-2023-40857 HIGH POC
8.8 Aug 28

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_e

CVE-2019-19648 HIGH POC
7.8 Dec 09

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real si

CVE-2018-12035 HIGH POC
7.8 Jun 15

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability i

CVE-2018-12034 HIGH POC
7.8 Jun 15

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in

CVE-2016-10211 HIGH POC
7.5 Apr 03

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application cra

CVE-2016-10210 HIGH POC
7.5 Apr 03

libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and applica

CVE-2017-5924 HIGH POC
7.5 Apr 03

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application cra

CVE-2017-9465 HIGH POC
7.1 Jun 06

The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read an

CVE-2019-5020 MEDIUM POC
5.5 Jul 31

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. Rated medium sev

CVE-2018-19976 MEDIUM POC
5.5 Dec 17

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara

CVE-2018-19975 MEDIUM POC
5.5 Dec 17

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in liby

Share

CVE-2017-5923 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy