oval:org.mitre.oval:def:24019

Definition Id: oval:org.mitre.oval:def:24019

Oval ID:	oval:org.mitre.oval:def:24019
Title:	ELSA-2013:1764: ruby security update (Critical)
Description:	Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:1764-00 CVE-2013-4164	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	ruby
Definition Synopsis:
Oracle Linux 6.x rpm test ruby-tcltk is earlier than 0:1.8.7.352-13.el6 AND ruby-static is earlier than 0:1.8.7.352-13.el6 AND ruby-rdoc is earlier than 0:1.8.7.352-13.el6 AND ruby-ri is earlier than 0:1.8.7.352-13.el6 AND ruby-irb is earlier than 0:1.8.7.352-13.el6 AND ruby-devel is earlier than 0:1.8.7.352-13.el6 AND ruby-libs is earlier than 0:1.8.7.352-13.el6 AND ruby-docs is earlier than 0:1.8.7.352-13.el6 AND ruby is earlier than 0:1.8.7.352-13.el6

Definition Id: oval:org.mitre.oval:def:16594

Oval ID:	oval:org.mitre.oval:def:16594
Title:	Oracle Linux 6.x
Description:	The operating system installed on the system is Oracle Linux 6.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:6	Version:	5
Platform(s):	Oracle Linux 6	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 6.x is installed
Referenced By:
oval:org.mitre.oval:def:24019