libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule (involving hex strings) that is mishandled in the _yr_re_emit function, a different vulnerability than CVE-2017-9304.
References
Configurations
History
07 Nov 2023, 02:50
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
06 May 2021, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 May 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2017-06-05 17:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-9438
Mitre link : CVE-2017-9438
CVE.ORG link : CVE-2017-9438
JSON object : View
Products Affected
virustotal
- yara
CWE
CWE-674
Uncontrolled Recursion