CVE-2013-0269 in Mac OS X Serverinformación

Resumen (Inglés)

The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka "Unsafe Object Creation Vulnerability."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservar

2012-12-06

Divulgación

2013-02-12

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadCWEExpConCVE
10949Apple Mac OS X Server Profile Manager escalada de privilegios20No probadoArreglo oficialCVE-2013-0269
7683Ruby on Rails JSON Gem escalada de privilegios20Prueba de conceptoArreglo oficialCVE-2013-0269

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!