Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30768
HistoryMay 29, 2014 - 12:00 a.m.

APPLE-SA-2014-15-20-1 OS X Server 3.1.2

2014-05-2900:00:00
vulners.com
19
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2014-15-20-1 OS X Server 3.1.2

OS X Server 3.1.2 is now available and addresses the following:

Ruby
Available for: OS X Mavericks 10.9.3 or later
Impact: Running a Ruby script that uses untrusted input to create a
Float object may lead to an application hang or arbitrary code
execution
Description: A heap-based buffer overflow issue existed in Ruby when
converting a string to a floating point value. An attacker could send
a specially crafted request to Profile Manager or to a Ruby script,
which may lead to an application hang or arbitrary code execution.
This issue was addressed through additional validation of floating
point values.
CVE-ID
CVE-2013-4164

OS X Server 3.1.2 may be obtained from Mac App Store.

Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTe5cbAAoJEBcWfLTuOo7tHSAP/RTUSdVxw6bwbGQbCxNCM1rM
8NOZEcU5WFTuMfr05Py9MUMiQjrmRYKnT8yTzRIOAzr+jPoRCdLwPimOEXvRnGQw
Eh9ayN04TJNG/t73XC+T5U+kqVhT/6/uI2wN/f5YwKbL8+sAsE8Rx3fbNgdZFJz4
hC0pmjgomHlduBjmv3Ai+/GMhHqAkjGXy566Ahk+UShGGNx9cyjSYe4jsD1x+4jS
XrG/NHlMLX/1cac/xpCt8BBJu00xtuR50Pfo/pXdT3CN7zcKocQjjDCRJ/n0g97w
ZZ5xBv/kLi+3NTStCyDm8gSv5A+0opXXrQ2fh4PGm3s3+O9yAM95zWfeIJg1SiQi
FnA6zZE2JdbbQSIKLWKED0/bxWDAKhjHif1EoXL7yMxBqMXu+5eWEqDdc4LyzfWp
7fdyb0sz2fPtpnnbhZPnCLIijxr9exHkrMU8lH8XsLayaL7O6cuJ+Gk5ZJHtC/YS
L9uLZKB4VUUI6jHdDOmkbReDCm55WBXVvOBcnxQOfJicQB9hisLIYFEjO75RmYRP
fkotB7oaz0OJb8IO8N/AO8UBWEeJu4KI2EDu+a02C6z8b4A6AZvOqdXNFbe9k2iK
BkcmHmeMQASMl8tZykVlDrj0tNq3TqQbHs4UYhf9J1c807qqlIYA62g29wOphfzQ
DdXqtjMTJ2wcDCaUbREX
=a8IW
-----END PGP SIGNATURE-----

Related

nessus 27
openvas 24
oraclelinux 1
mageia 1
redhat 5
cve 1
freebsd 1
fedora 3
debian 4
f5 2
prion 1
amazon 2
ubuntucve 1
veracode 2
suse 2
slackware 1
centos 1
rubygems 1
securityvulns 7
ubuntu 1
ibm 2
hackerone 1
osv 1
gentoo 1
nessus
nessus
openSUSE Security Update : ruby19 (openSUSE-SU-2013:1835-1)
2014-06-13 00:00:00
Scientific Linux Security Update : ruby on SL6.x i386/x86_64 (20131125)
2013-12-04 00:00:00
CentOS 6 : ruby (CESA-2013:1764)
2014-11-12 00:00:00
openvas
openvas
Debian Security Advisory DSA 2810-1 (ruby1.9.1 - heap overflow)
2013-12-04 00:00:00
Oracle Linux Local Check: ELSA-2013-1764
2015-10-06 00:00:00
RedHat Update for ruby RHSA-2013:1764-01
2013-11-26 00:00:00
oraclelinux
oraclelinux
ruby security update
2013-11-26 00:00:00
mageia
mageia
Updated ruby package fixes security vulnerability
2014-01-06 05:02:29
redhat
redhat
(RHSA-2013:1763) Critical: ruby193-ruby security update
2013-11-25 00:00:00
(RHSA-2013:1767) Critical: ruby security update
2013-11-26 00:00:00
(RHSA-2014:0011) Critical: ruby193-ruby security update
2014-01-07 00:00:00
cve
cve
CVE-2013-4164
2013-11-23 19:55:00
freebsd
freebsd
ruby -- Heap Overflow in Floating Point Parsing
2013-11-22 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: ruby-2.0.0.353-16.fc20
2013-12-14 02:48:01
[SECURITY] Fedora 19 Update: ruby-2.0.0.353-16.fc19
2013-12-04 07:01:16
[SECURITY] Fedora 18 Update: ruby-1.9.3.484-32.fc18
2013-12-11 02:01:24
debian
debian
[SECURITY] [DSA 2810-1] ruby1.9.1 security update
2013-12-04 22:29:52
[SECURITY] [DSA 2810-1] ruby1.9.1 security update
2013-12-04 22:29:52
[SECURITY] [DSA 2809-1] ruby1.8 security update
2013-12-04 21:28:11
f5
f5
K15152 : Ruby vulnerability CVE-2013-4164
2014-04-10 00:00:00
SOL15152 - Ruby vulnerability CVE-2013-4164
2014-04-10 00:00:00
prion
prion
Heap overflow
2013-11-23 19:55:00
amazon
amazon
Critical: ruby19
2013-11-22 21:42:00
Critical: ruby
2013-11-22 21:42:00
ubuntucve
ubuntucve
CVE-2013-4164
2013-11-22 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:52:12
Arbitrary Code Execution
2019-05-02 05:01:21
suse
suse
Security update for ruby19 (critical)
2013-12-17 00:04:23
Security update for ruby (critical)
2013-12-05 18:04:15
slackware
slackware
[slackware-security] ruby
2013-12-17 03:50:10
centos
centos
ruby security update
2013-11-26 13:37:12
rubygems
rubygems
CVE-2013-4164 ruby: heap overflow in floating point parsing
2013-11-22 00:00:00
securityvulns
securityvulns
Ruby security vulnerabilities
2014-05-29 00:00:00
[USN-2035-1] Ruby vulnerabilities
2013-12-01 00:00:00
Apple Mac OS X multiple security vulnerabilities
2014-05-30 00:00:00
ubuntu
ubuntu
Ruby vulnerabilities
2013-11-27 00:00:00
ibm
ibm
Security Bulletin: IBM Security Network Protection System can be affected by vulnerabilities in Ruby on Rails and the Ruby language (CVE-2013-4492, CVE-2013-4164)
2018-06-16 21:16:38
IBM Security Network Protection / IBM QRadar Network Security / XGS Technote Index
2021-01-31 00:10:25
hackerone
hackerone
Ruby: Ruby: Heap Overflow in Floating Point Parsing
2013-11-22 00:00:00
osv
osv
ruby1.8 - several
2013-12-04 00:00:00
gentoo
gentoo
Ruby: Denial of service
2014-12-13 00:00:00
JSON
Related for SECURITYVULNS:DOC:30768
nessus27openvas24oraclelinux1mageia1redhat5cve1freebsd1fedora3debian4f52prion1amazon2ubuntucve1veracode2suse2slackware1centos1rubygems1securityvulns7ubuntu1ibm2hackerone1osv1gentoo1