CVE-2014-3916

Affected configuration(s):

cpe:/a:rubyonrails:ruby_on_rails:1.9.3
cpe:/a:rubyonrails:ruby_on_rails:2.0.0
cpe:/a:rubyonrails:ruby_on_rails:2.1.0

Date published: 2014-11-16T12:59:04.253-05:00

Date last modified: 2017-08-28T21:34:49.437-04:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity: LOW

Reference URL: http://seclists.org/oss-sec/2014/q2/362

Summary: The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
