CVE-2016-10211

Published: Apr 3, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

98078

vdb-entry

x_refsource_BID

https://github.com/VirusTotal/yara/commit/890c3f850293176c0e996a602ffa88b315f4e98f

x_refsource_CONFIRM

https://github.com/VirusTotal/yara/issues/575

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-10211

Description

Affected Products

References