CVE-2016-10210

libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt