Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2021-3402

Published: 14/05/2021 Updated: 07/11/2023
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Subscribe to Virustotal

Vulnerability Summary

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and previous versions could allow an malicious user to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

virustotal yara

fedoraproject fedora 33

fedoraproject fedora 34

References

CWE-190https://www.x41-dsec.de/lab/advisories/x41-2021-001-yara/https://bugzilla.redhat.com/show_bug.cgi?id=1930175https://www.openwall.com/lists/oss-security/2021/01/29/2https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXM224OLGI6KAOROLDPPGGCZ2OQVQ6HH/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKNXSH5ERG6NELTXCYVJLUPJJJ2TNEBD/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook