Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28054 of 28105

CVE-2017-5923

Posted by Cyberthreat Blog | Apr 3, 2017 | CVE Notifications |

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function.

CVE-2016-10210

Posted by Cyberthreat Blog | Apr 3, 2017 | CVE Notifications |

libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.

CVE-2017-5924

Posted by Cyberthreat Blog | Apr 3, 2017 | CVE Notifications |

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.

CVE-2016-10209

Posted by Cyberthreat Blog | Apr 3, 2017 | CVE Notifications |

The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file.

CVE-2016-10211

Posted by Cyberthreat Blog | Apr 3, 2017 | CVE Notifications |

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.

Author: Cyberthreat Blog

CVE-2017-5923

CVE-2016-10210

CVE-2017-5924

CVE-2016-10209

CVE-2016-10211