Heap Overflow in Floating Point Parsing (CVE-2013-4164). Fixed in 1.9.3-p484 and 2.0.0-p353.
There is an overflow in floating point number parsing in Ruby. This vulnerability has been assigned the CVE identifier CVE-2013-4164.
All users are recommended to upgrade to Ruby 1.9.3 patchlevel 484, ruby 2.0.0 patchlevel 353 or ruby 2.1.0 preview2.
Post a comment