An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2019-0781 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2019-07-31T16:38:21
Updated: 2022-04-19T17:32:54
Reserved: 2019-01-04T00:00:00
Link: CVE-2019-5020
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-31T17:15:11.387
Modified: 2022-06-13T18:38:02.423
Link: CVE-2019-5020
JSON object: View
Redhat Information
No data.