Lucene search
K

128 matches found

Metasploit
Metasploit
added 2013/11/22 10:51 p.m.26 views

Ruby on Rails JSON Processor Floating Point Heap Overflow DoS

When Ruby attempts to convert a string representation of a large floating point decimal number to its floating point equivalent, a heap-based buffer overflow can be triggered. This module has been tested successfully on a Ruby on Rails application using Ruby version 1.9.3-p448 with WebRick and Th...

6.8CVSS7.4AI score0.34968EPSS
Exploits3
Check Point Advisories
Check Point Advisories
added 2013/02/19 12:0 a.m.40 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution (CVE-2013-0333)

A code execution vulnerability has been reported in Ruby on Rails. The vulnerability is due to an input validation error when JSON Processor deserializes YAML. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code within the context of the underlying web serve...

7.5CVSS7.8AI score0.98582EPSS
Exploits7
Metasploit
Metasploit
added 2013/02/11 10:48 p.m.66 views

Ruby on Rails JSON Processor YAML Deserialization Scanner

This module attempts to identify Ruby on Rails instances vulnerable to an arbitrary object instantiation flaw in the JSON request processor. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby...

7.5CVSS0.2AI score0.99449EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2013/02/11 12:0 a.m.54 views

Fedora 17 : rubygem-activesupport-3.0.11-8.fc17 (2013-1710)

Fixes CVE-2013-0333. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

7.5CVSS7.2AI score0.98582EPSS
Exploits7References3
seebug.org
seebug.org
added 2013/02/03 12:0 a.m.75 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.5CVSS0.99449EPSS
Exploits22
Packet Storm
Packet Storm
added 2013/01/29 12:0 a.m.94 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Ruby on Rails JSON Processor YAML...

7.5CVSS0.4AI score0.99449EPSS
Exploits22
0day.today
0day.today
added 2013/01/29 12:0 a.m.46 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution

Exploit for multiple platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core...

7.1AI score0.99449EPSS
Exploits22
Exploit DB
Exploit DB
added 2013/01/29 12:0 a.m.75 views

Ruby on Rails - JSON Processor YAML Deserialization Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Ruby on Rails JSON Processor YAML...

7.7AI score
Exploits0
Rows per page
Query Builder