CVE-2018-19974

Posted on by admin

CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).

Source: CVE-2018-19974

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다