Lucene search
RubySecRUBY:RUBY-2009-1904-55031HistoryJun 09, 2009 - 8:00 p.m.
CVE-2009-1904 ruby: DoS vulnerability in BigDecimal
2009-06-0920:00:00
RubySec
rubysec.com
16
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.025
Percentile
90.2%
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173
allows context-dependent attackers to cause a denial of service
(application crash) via a string argument that represents a large
number, as demonstrated by an attempted conversion to the Float data type.
Affected configurations
Node
rubyrubyRange1.8.6.368β1.8.7.0
ORrubyrubyRange<1.8.7.174
Related
nessus
nessus
GLSA-200906-02 : Ruby: Denial of Service
2009-06-29 00:00:00
Mandriva Linux Security Advisory : ruby (MDVSA-2009:160)
2009-07-28 00:00:00
Slackware 11.0 / 12.0 / 12.1 / 12.2 / current : ruby (SSA:2009-170-02)
2009-06-21 00:00:00
openvas
openvas
Ruby BigDecimal Library Denial of Service Vulnerability (Linux)
2009-06-23 00:00:00
Mandrake Security Advisory MDVSA-2009:177 (ruby)
2009-08-17 00:00:00
Mandrake Security Advisory MDVSA-2009:177 (ruby)
2009-08-17 00:00:00
seebug
seebug
Ruby BigDecimalεΊζη»ζε‘ζΌζ΄
2009-06-18 00:00:00
nvd
nvd
CVE-2009-1904
2009-06-11 21:30:00
slackware
slackware
ruby
2009-06-19 18:18:56
securityvulns
securityvulns
Ruby DoS
2009-06-29 00:00:00
[Full-disclosure] [ GLSA 200906-02 ] Ruby: Denial of Service
2009-06-29 00:00:00
cve
cve
CVE-2009-1904
2009-06-11 21:30:00
ubuntucve
ubuntucve
CVE-2009-1904
2009-06-11 00:00:00
freebsd
freebsd
ruby -- BigDecimal denial of service vulnerability
2009-06-09 00:00:00
prion
prion
Code injection
2009-06-11 21:30:00
altlinux
altlinux
Security fix for the ALT Linux 5 package ruby version 1.9.1-alt1.20090625
2009-07-06 00:00:00
cvelist
cvelist
CVE-2009-1904
2009-06-11 21:00:00
gentoo
gentoo
Ruby: Denial of service
2009-06-28 00:00:00
osv
osv
ruby1.8 ruby1.9 - several issues
2009-08-12 00:00:00
debian
debian
[SECURITY] [DSA 1860-1] New Ruby packages fix several issues
2009-08-12 19:49:54
ubuntu
ubuntu
Ruby vulnerabilities
2009-07-20 00:00:00
Ruby vulnerabilities
2010-02-16 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: ruby-1.8.6.383-6.fc11
2010-01-14 01:27:31
[SECURITY] Fedora 10 Update: ruby-1.8.6.368-2.fc10
2009-12-11 18:18:17
oraclelinux
oraclelinux
ruby security update
2009-07-02 00:00:00
redhat
redhat
(RHSA-2009:1140) Moderate: ruby security update
2009-07-02 00:00:00
centos
centos
ruby security update
2009-07-02 23:49:01
suse
suse
remote code execution in dhcp-client
2009-07-15 16:27:03
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.025
Percentile
90.2%
Related for RUBY:RUBY-2009-1904-55031