Think you have a false positive on this rule?

Sid 1-44757

Message

FILE-OTHER LibYAML yamlparserscanuriescapes heap buffer overflow attempt

Summary

Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.

Impact

CVSS base score 6.8 CVSS impact score 6.4 CVSS exploitability score 8.6 confidentialityImpact PARTIAL integrityImpact PARTIAL availabilityImpact PARTIAL

CVE-2014-2525:

CVSS base score 6.8

CVSS impact score 6.4

CVSS exploitability score 8.6

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2014-2525: Heap-based buffer overflow in the yamlparserscanuriescapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.

Affected systems

  • pyyaml libyaml 0.0.1
  • pyyaml libyaml 0.1.1
  • pyyaml libyaml 0.1.2
  • pyyaml libyaml 0.1.3
  • pyyaml libyaml 0.1.4
  • pyyaml libyaml 0.1.5
  • novell leap 42.1
  • novell opensuse 13.1
  • novell opensuse 13.2

Ease of attack

CVE-2014-2525:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References