Buffer overflow in Pyyaml Libyaml

CVE-2013-6393

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a…

Vulnerability class: Buffer Overflow

EPSS: 0.081 (92.3th percentile) — read the EPSS interpretation.

Affected products

Pyyaml Libyaml — versions 0.0.1, 0.1.1, 0.1.2
Canonical Ubuntu_linux — versions 12.04, 12.10, 13.10
Debian Debian_linux — versions 6.0, 7.0
Opensuse Leap — versions 42.1
Opensuse — versions 11.4, 13.1, 13.2
Redhat Openstack — versions 3.0, 4.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

openSUSE-SU-2014:0273 (vendor-advisory, Third Party Advisory, x_refsource_SUSE)
DSA-2870 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
APPLE-SA-2014-10-16-3 (vendor-advisory, x_refsource_APPLE, Broken Link)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Issue Tracking)
APPLE-SA-2014-04-22-1 (vendor-advisory, x_refsource_APPLE, Broken Link)
102716 (x_refsource_OSVDB, vdb-entry)
secalert@redhat.com (x_refsource_MISC, Issue Tracking)
MDVSA-2015:060 (vendor-advisory, Third Party Advisory, x_refsource_MANDRIVA)
65258 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)