Vulnerability Details : CVE-2018-19975
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
Exploit prediction scoring system (EPSS) score for CVE-2018-19975
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 45 %
Percentile, the proportion of vulnerabilities that are scored at or less