CVE-2013-4164
ruby: heap overflow in floating point parsing
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse.
Desbordamiento de buffer basado en memoria dinámica en Ruby 1.8, 1.9 anteriores a 1.9.3-p484, 2.0 anteriores a 2.0.0-p353, 2.1 anteriores a 2.1.0 preview2, y "trunk" anteriores a la revisión 43780 permite a atacatnes dependientes del contexto causar denegación de servicio (segmentation fault) y posiblemente ejecutar código arbitrario a través de una cadena de texto que es convertida a un número en punto flotante, como demostrado utilizando (1) el método to_f o (2) JSON.parse.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-06-12 CVE Reserved
- 2013-11-23 CVE Published
- 2024-01-10 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-122: Heap-based Buffer Overflow
CAPEC
References (24)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/100113 | Vdb Entry | |
| http://secunia.com/advisories/57376 | Third Party Advisory | |
| http://www.securityfocus.com/bid/63873 | Vdb Entry | |
| https://puppet.com/security/cve/cve-2013-4164 | X_refsource_confirm | |
| https://support.apple.com/kb/HT6536 | X_refsource_confirm |
|
| https://www.ruby-lang.org/en/news/2013/11/22/ruby-1-9-3-p484-is-released | X_refsource_confirm |
| URL | Date | SRC |
|---|---|---|
| https://www.ruby-lang.org/en/news/2013/11/22/heap-overflow-in-floating-point-parsing-cve-2013-4164 | 2024-08-06 |
| URL | Date | SRC |
|---|---|---|
| https://www.ruby-lang.org/en/news/2013/11/22/ruby-2-0-0-p353-is-released | 2018-01-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | 1.8 Search vendor "Ruby-lang" for product "Ruby" and version "1.8" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | 1.9 Search vendor "Ruby-lang" for product "Ruby" and version "1.9" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | 1.9.1 Search vendor "Ruby-lang" for product "Ruby" and version "1.9.1" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | 1.9.2 Search vendor "Ruby-lang" for product "Ruby" and version "1.9.2" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | 1.9.3 Search vendor "Ruby-lang" for product "Ruby" and version "1.9.3" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | 2.0.0 Search vendor "Ruby-lang" for product "Ruby" and version "2.0.0" | - |
Affected
| ||||||
| Ruby-lang Search vendor "Ruby-lang" | Ruby Search vendor "Ruby-lang" for product "Ruby" | 2.1 Search vendor "Ruby-lang" for product "Ruby" and version "2.1" | preview1 |
Affected
| ||||||