Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-1904

Опубликовано: 11 июн. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type.

РелизСтатусПримечание
dapper

released

1.8.4-1ubuntu1.7
devel

not-affected

1.8.7.174-1
hardy

released

1.8.6.111-2ubuntu1.3
intrepid

released

1.8.7.72-1ubuntu0.2
jaunty

released

1.8.7.72-3ubuntu0.1
karmic

not-affected

1.8.7.174-1
lucid

not-affected

1.8.7.174-1
maverick

not-affected

1.8.7.174-1
natty

not-affected

1.8.7.174-1
oneiric

not-affected

1.8.7.174-1

Показывать по

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

pulled 2010-07-27
hardy

ignored

end of life
intrepid

released

1.9.0.2-7ubuntu1.2
jaunty

released

1.9.0.2-9ubuntu1.1
karmic

released

1.9.0.5-1ubuntu1.2
lucid

released

1.9.0.5-1ubuntu2
maverick

DNE

pulled 2010-07-27
natty

DNE

pulled 2010-07-27
oneiric

DNE

pulled 2010-07-27

Показывать по

EPSS

Процентиль: 89%
0.0471
Низкий

5 Medium

CVSS2

Связанные уязвимости

redhat
около 16 лет назад

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type.

nvd
около 16 лет назад

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type.

debian
около 16 лет назад

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 ...

github
больше 3 лет назад

The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type.

oracle-oval
около 16 лет назад

ELSA-2009-1140: ruby security update (MODERATE)

EPSS

Процентиль: 89%
0.0471
Низкий

5 Medium

CVSS2