CVE-2012-1152
Published: 9 September 2012
Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function.
Priority
Status
Package | Release | Status |
---|---|---|
libyaml-libyaml-perl Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Ignored
(end of life)
|
|
maverick |
Released
(0.33-1+squeeze1build0.10.10.1)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Released
(0.38-2)
|
|
quantal |
Released
(0.38-2)
|
|
raring |
Released
(0.38-2)
|
|
saucy |
Released
(0.38-2)
|
|
upstream |
Released
(0.38-2)
|