8 matches found

SUSE CVE
added 2023/02/15 5:13 a.m. | 1 views

SUSE CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

CVSS 8.4 | AI score 8.7 | EPSS 0.00234
Exploits 0 | References 9

Veracode
added 2019/05/16 2:49 a.m. | 32 views

Arbitrary Code Execution

Ruby is vulnerable to arbitrary code execution attacks. A context-dependent attacker could exploit a flaw in the Fiddle::Handle implementation in ext/fiddle/handle.c to cause a denial of service application crash via a crafted string, related to the DL module and the libffi library...

CVSS 8.4 | AI score 7.7 | EPSS 0.00234
Exploits 0 | References 13 | Affected Software 1

Tenable Nessus
added 2017/07/26 12:0 a.m. | 45 views

Ubuntu 14.04 LTS / 16.04 LTS : Ruby vulnerabilities (USN-3365-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3365-1 advisory. It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries wit...

CVSS 9.8 | AI score 7.6 | EPSS 0.56223
Exploits 6 | References 8

OSV
added 2017/07/25 5:52 p.m. | 1 views

USN-3365-1 ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities

It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries with tainted names. This issue only applied to Ubuntu 14.04 LTS. CVE-2009-5147 Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby OpenS...

CVSS 9.8 | AI score 6.9 | EPSS 0.56223
Exploits 6 | References 8

NVD
added 2016/03/24 1:59 a.m. | 24 views

CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

CVSS 8.4 | AI score 7 | EPSS 0.00234
Exploits 0 | References 11

Cvelist
added 2016/03/24 1:0 a.m. | 26 views

CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

AI score 6.7 | EPSS 0.00234
Exploits 0 | References 11

CNVD
added 2016/03/24 12:0 a.m. | 1 views

Apple OS X Ruby Memory Corruption Vulnerability

Apple OS X is a specialized operating system developed by Apple for Mac computers. Ruby is a cross-platform, object-oriented, dynamically-typed programming language developed by Japanese software developer Yukihiro Matsumoto. A memory corruption vulnerability exists in the implementation of...

CVSS 8.4 | AI score 8.7 | EPSS 0.00234
Exploits 0 | References 1

UbuntuCve
added 2016/03/23 12:0 a.m. | 29 views

CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

CVSS 8.4 | AI score 7.4 | EPSS 0.00234
Exploits 0 | References 3