CVE-2018-12035

CVE-2018-12035

EPSS 1.2%

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bnbdr.github.io/posts/swisscheese/https://github.com/bnbdr/swisscheese https://github.com/VirusTotal/yara/issues/891