mirror of
https://github.com/0xMarcio/cve.git
synced 2026-06-01 06:51:35 +02:00
0xMarcio
761 B
761 B
CVE-2018-19976
Description
In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.
POC
Reference
- https://bnbdr.github.io/posts/extracheese/
- https://github.com/VirusTotal/yara/issues/999
- https://github.com/bnbdr/swisscheese/