Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2014-03-28T15:00:00

Updated: 2017-12-08T10:57:01

Reserved: 2014-03-17T00:00:00


Link: CVE-2014-2525

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2014-03-28T15:55:08.670

Modified: 2018-10-30T16:27:35.843


Link: CVE-2014-2525

JSON object: View

cve-icon Redhat Information

No data.

CWE