Ruby REXML Parser Denial of Service Vulnerability

Bugtraq ID: 58141
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2013-1821
Remote: Yes
Local: No
Published: Feb 22 2013 12:00AM
Updated: Dec 16 2014 12:54AM
Credit: Ben Murphy
Vulnerable: Yukihiro Matsumoto Ruby 1.9.3 dev
Yukihiro Matsumoto Ruby 1.9.2 RC2
Yukihiro Matsumoto Ruby 1.9.2 P180
Yukihiro Matsumoto Ruby 1.9.2 P136
Yukihiro Matsumoto Ruby 1.9.2 P0
Yukihiro Matsumoto Ruby 1.9.2 -rc1
Yukihiro Matsumoto Ruby 1.9.1 P431
Yukihiro Matsumoto Ruby 1.9.1 -p429
Yukihiro Matsumoto Ruby 1.9.1 -p376
Yukihiro Matsumoto Ruby 1.9.1
Yukihiro Matsumoto Ruby 1.9 -2
Yukihiro Matsumoto Ruby 1.9 -1
Yukihiro Matsumoto Ruby 1.9
Yukihiro Matsumoto Ruby 1.8.7 -p72
Yukihiro Matsumoto Ruby 1.8.7 -p71
Yukihiro Matsumoto Ruby 1.8.7 -p22
Yukihiro Matsumoto Ruby 1.8.7 -p21
Yukihiro Matsumoto Ruby 1.8.7
Yukihiro Matsumoto Ruby 1.8.6 -p287
Yukihiro Matsumoto Ruby 1.8.6 -p286
Yukihiro Matsumoto Ruby 1.8.6 -p230
Yukihiro Matsumoto Ruby 1.8.6 -p229
Yukihiro Matsumoto Ruby 1.8.6 -p114
Yukihiro Matsumoto Ruby 1.8.6
Yukihiro Matsumoto Ruby 1.8.5 -p231
Yukihiro Matsumoto Ruby 1.8.5 -p230
Yukihiro Matsumoto Ruby 1.8.5 -p2
Yukihiro Matsumoto Ruby 1.8.5 -p115
Yukihiro Matsumoto Ruby 1.8.5
Yukihiro Matsumoto Ruby 1.8.4
Yukihiro Matsumoto Ruby 1.8.3
Yukihiro Matsumoto Ruby 1.8.2 pre4
+ Gentoo Linux
Yukihiro Matsumoto Ruby 1.8.2 pre3
+ Gentoo Linux
Yukihiro Matsumoto Ruby 1.8.2 pre2
Yukihiro Matsumoto Ruby 1.8.2 pre1
Yukihiro Matsumoto Ruby 1.8.2
Yukihiro Matsumoto Ruby 1.8.1
Yukihiro Matsumoto Ruby 1.8
+ Red Hat Fedora Core3
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Yukihiro Matsumoto Ruby 1.6.8
Yukihiro Matsumoto Ruby 1.6.7
Yukihiro Matsumoto Ruby 1.6
Yukihiro Matsumoto Ruby 1.9.2 pre3
Yukihiro Matsumoto Ruby 1.9.1-p430
Yukihiro Matsumoto Ruby 1.9.1-p378
Yukihiro Matsumoto Ruby 1.9.0-3
Yukihiro Matsumoto Ruby 1.9
Yukihiro Matsumoto Ruby 1.8.7-P357
Yukihiro Matsumoto Ruby 1.8.7-P352
Yukihiro Matsumoto Ruby 1.8.7-p334
Yukihiro Matsumoto Ruby 1.8.7-p330
Yukihiro Matsumoto Ruby 1.8.7-p302
Yukihiro Matsumoto Ruby 1.8.7-p299
Yukihiro Matsumoto Ruby 1.8.7-p249
Yukihiro Matsumoto Ruby 1.8.7-p248
Yukihiro Matsumoto Ruby 1.8.7-p173
Yukihiro Matsumoto Ruby 1.8.7-p160
Yukihiro Matsumoto Ruby 1.8.6-p420
Yukihiro Matsumoto Ruby 1.8.6-p399
Yukihiro Matsumoto Ruby 1.8.6-p388
Yukihiro Matsumoto Ruby 1.8.6-p383
Yukihiro Matsumoto Ruby 1.8.6-p369
Yukihiro Matsumoto Ruby 1.8.6-p368
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
Slackware Linux x86_64 -current
Slackware Linux 13.37 x86_64
Slackware Linux 13.37
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux -current
RedHat Enterprise Linux Desktop Workstation 5 client
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Oracle Enterprise Linux 5
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 6
CentOS CentOS 5
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus