Description

The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.

Remediation

References

CVE-2014-3916

Related Vulnerabilities

WordPress Plugin NextGEN Gallery-WordPress Gallery 'nggallery-manage-gallery' HTML Injection (0.96)

WordPress Plugin All in One Webmaster Unspecified Vulnerability (11.0)

WordPress Plugin Events Calendar for Google Local File Inclusion (2.1.0)

WordPress Plugin Mobiloud-Native Mobile Apps for your WordPress site (iPhone, iPad, Android) Multiple Cross-Site Scripting Vulnerabilities (2.3.7)

WordPress Plugin Smart Slider 2 Multiple Cross-Site Scripting Vulnerabilities (2.3.11)

Severity

Medium

Classification

CVE-2014-3916

Tags

Missing Update Known Vulnerabilities