CVE-2013-4164 in Mac OS Xinfo

Summary

Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

06/12/2013

Disclosure

11/23/2013

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
13039	Apple Mac OS X Ruby memory corruption	119	High	Official fix	CVE-2013-4164
11266	Ruby memory corruption	119	High	Official fix	CVE-2013-4164

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!