Oval Definition:oval:com.ubuntu.precise:def:20142525000
Revision Date:2014-03-28Version:1
Title:CVE-2014-2525 on Ubuntu 12.04 LTS (precise) - medium.
Description:Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-2525
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND Package Information
  • The 'libyaml' package in precise was vulnerable but has been fixed (note: '0.1.4-2ubuntu0.12.04.3').
  • OR The 'libyaml-libyaml-perl' package in precise was vulnerable but has been fixed (note: '0.38-2ubuntu0.1').
  • BACK