Release date:
Updated on: 2012-03-13
Affected Systems:
Debian Linux 6.0 x
Cpan yaml-LibYAML 0.38
Cpan yaml-LibYAML 0.33-1
Description:
--------------------------------------------------------------------------------
Bugtraq id: 52381
Cve id: CVE-2012-1152
Perl is a high-level, general, literal, and dynamic programming language.
The Perl YAML-LibYAML module has multiple format string vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary code.
<* Source: Dominic Hargreaves
Link: http://bugs.debian.org/cgi-bin/bugreport.cgi? Bug = 661548
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
CPAN
----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.cpan.org