Arbitrary Memory Read Vulnerability in YARA 3.8.1

Arbitrary Memory Read Vulnerability in YARA 3.8.1

CVE-2018-19975 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:N/A:N

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.

Learn more about our Web Application Penetration Testing UK.