Vulnerabilities
Projects
Vulnerability Disclosure
About Us
Contact Us
Mend.io Vulnerability Database
What is a CVE vulnerability ID? 
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
New vulnerability? Tell us about it!
What is a WS vulnerability ID?
What is an MSC vulnerability ID?
We found results for “”
WS-2020-0308
Good to know:
Date: December 3, 2020
YARA before v4.0.3 is vulnerable to buffer overflow in "dotnet" module. The strncpy function was being invoked with a source buffer that was shorter than MAX_TYPELIB_SIZE and the string was not null-terminated, which means that strncpy read past the end of the buffer. Now the limit pass to strncpy is the length of the string as indicated in the byte before the string itself. This length, being a byte, is equal to or less than MAX_TYPELIB_SIZE whose value is 255.
Language: C
Severity Score
Severity Score
Weakness Type (CWE)
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-120Top Fix
CVSS v3.1
| Base Score: |
|
|---|---|
| Attack Vector (AV): | LOCAL |
| Attack Complexity (AC): | LOW |
| Privileges Required (PR): | NONE |
| User Interaction (UI): | NONE |
| Scope (S): | UNCHANGED |
| Confidentiality (C): | LOW |
| Integrity (I): | NONE |
| Availability (A): | HIGH |