LibYAML 0.1.5 Buffer Overflow

Credit: Ivan Fratric
Risk: High
Local: Yes
Remote: No
CWE: CWE-119

CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

#2014-003 LibYAML input sanitization errors Description: The LibYAML project is an open source YAML 1.1 parser and emitter written in C. The library is affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is caused by lack of proper expansion for the string passed to the yaml_parser_scan_uri_escapes() function. A specially crafted YAML file, with a long sequence of percent-encoded characters in a URL, can be used to trigger the overflow. Affected version: LibYAML <= 0.1.5 Fixed version: LibYAML >= 0.1.6 Credit: vulnerability report received from Ivan Fratric of the Google Security Team. CVE: CVE-2014-2525 Timeline: 2014-03-11: vulnerability report received 2014-03-14: maintainer provides patch for review 2014-03-17: reporter confirms patch 2014-03-17: disclosure coordinated on 2014-03-26 2014-03-18: contacted affected vendors 2014-03-18: assigned CVE 2014-03-26: LibYAML 0.1.6 released 2014-03-26: advisory release References: Permalink: -- Andrea Barisani | Founder & Project Coordinator oCERT | OSS Computer Security Incident Response Team <> 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E "Pluralitas non est ponenda sine necessitate"


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019,


Back to Top