Skip to main content

Yara CVE-2018-12035

HIGH
Out-of-bounds Write (CWE-787)
2018-06-15 cve@mitre.org
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 15, 2018 - 16:29 nvd
HIGH 7.8

DescriptionNVD

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.

AnalysisAI

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. Affected products include: Virustotal Yara.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).

More in Yara

View all
CVE-2021-3402 CRITICAL POC
9.1 May 14

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could

CVE-2023-40857 HIGH POC
8.8 Aug 28

Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_e

CVE-2019-19648 HIGH POC
7.8 Dec 09

In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real si

CVE-2018-12034 HIGH POC
7.8 Jun 15

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in

CVE-2017-5923 HIGH POC
7.5 Apr 03

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and

CVE-2016-10211 HIGH POC
7.5 Apr 03

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application cra

CVE-2016-10210 HIGH POC
7.5 Apr 03

libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and applica

CVE-2017-5924 HIGH POC
7.5 Apr 03

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application cra

CVE-2017-9465 HIGH POC
7.1 Jun 06

The yr_arena_write_data function in YARA 3.6.1 allows remote attackers to cause a denial of service (buffer over-read an

CVE-2019-5020 MEDIUM POC
5.5 Jul 31

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. Rated medium sev

CVE-2018-19976 MEDIUM POC
5.5 Dec 17

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara

CVE-2018-19975 MEDIUM POC
5.5 Dec 17

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in liby

Share

CVE-2018-12035 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy