CVE-2014-2525

2014-03-28T15:55:00
ID CVE-2014-2525
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:27:00

Description

Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.