Vulnerability & Exploit Database

Displaying entries 1 - 10 of 12 in total

Results for: CVE-2014-6393 Back to search

USN-2161-1: libyaml-libyaml-perl vulnerabilities Vulnerability

  • Severity: 7
  • Published: March 28, 2014

Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.

RHSA-2014:0415: libyaml security update Vulnerability

  • Severity: 7
  • Published: March 28, 2014

YAML is a data serialization format designed for human readability andinteraction with scripting languages. LibYAML is a YAML parser and emitterwritten in C.A buffer overflow flaw was found in the way the libyaml library parsed URLsin YAML documents. An attacker able to load specially crafted YAML input toan application using libyaml cou...

RHSA-2014:0355: ruby193-libyaml security update Vulnerability

  • Severity: 7
  • Published: March 28, 2014

Updated ruby193-libyaml packages that fix two security issues are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerabili...

USN-2098-1: LibYAML vulnerability Vulnerability

  • Severity: 7
  • Published: February 06, 2014

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

SUSE Linux Security Vulnerability: CVE-2013-6393 Vulnerability

  • Severity: 7
  • Published: February 06, 2014

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

Gentoo Linux: CVE-2013-6393: LibYAML: Arbitrary code execution Vulnerability

  • Severity: 7
  • Published: February 06, 2014

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

FreeBSD: libyaml heap overflow resulting in possible code execution (CVE-2013-6393) Vulnerability

  • Severity: 7
  • Published: February 06, 2014

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

DSA-2870-1 libyaml-libyaml-perl -- heap-based buffer overflow Vulnerability

  • Severity: 7
  • Published: February 06, 2014

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

OS X update for Ruby (CVE-2013-6393) Vulnerability

  • Severity: 7
  • Published: February 06, 2014

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.