CVE-2017-11328CVE-2017-11328

Affected configuration(s):

cpe:/a:virustotal:yara:3.0.0
cpe:/a:virustotal:yara:3.1.0
cpe:/a:virustotal:yara:3.2.0
cpe:/a:virustotal:yara:3.3.0
cpe:/a:virustotal:yara:3.4.0
cpe:/a:virustotal:yara:3.5.0
cpe:/a:virustotal:yara:3.6.0
cpe:/a:virustotal:yara:3.6.1
cpe:/a:virustotal:yara:3.6.2
cpe:/a:virustotal:yara:3.6.3

Date published: 2017-07-17T09:18:20.173-04:00

Date last modified: 2017-08-04T10:30:55.350-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: https://github.com/VirusTotal/yara/commit/4a342f01e5439b9bb901aff1c6c23c536baeeb3f

Summary: Heap buffer overflow in the yr_object_array_set_item() function in object.c in YARA 3.x allows a denial-of-service attack by scanning a crafted .NET file.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.