oval:org.mitre.oval:def:24019

Definition Id: oval:org.mitre.oval:def:24019
 
Oval ID: oval:org.mitre.oval:def:24019
Title: ELSA-2013:1764: ruby security update (Critical)
Description: Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.
Family: unix Class: patch
Reference(s): ELSA-2013:1764-00
CVE-2013-4164
Version: 6
Platform(s): Oracle Linux 6
Product(s): ruby
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16594
 
Oval ID: oval:org.mitre.oval:def:16594
Title: Oracle Linux 6.x
Description: The operating system installed on the system is Oracle Linux 6.x
Family: unix Class: inventory
Reference(s): cpe:/o:oracle:linux:6
Version: 5
Platform(s): Oracle Linux 6
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:24019