Format string vulnerabilities in YAML::LibYAML module 0.38 for Perl

Format string vulnerabilities in YAML::LibYAML module 0.38 for Perl

CVE-2012-1152 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function.

Learn more about our Web Application Penetration Testing UK.